Latest Vulnerabilities Updates: AppSecWorld's CVE Daily Digest for May 28-29, 2024

In the dynamic realm of cybersecurity, staying updated on the latest vulnerabilities is imperative.
This edition of AppSecWorld's CVE Daily Digest provides a snapshot of the vulnerabilities published in the National Vulnerability Database between May 28-29, 2024.
During this period, the National Vulnerability Database published 133 new Common Vulnerabilities and Exposures (CVEs), classified as follows:

Critical: 5
High: 43
Medium: 13
Low: 1
Severity Not Assigned: 71

Identifying and understanding these vulnerabilities are pivotal steps towards enhancing security measures and creating a safer digital environment.
Now, let's delve deeper into AppSecWorld's CVE Daily Digest, spotlighting the Critical and High Severity vulnerabilities that demand immediate attention.

1. CVE-2022-48681
Base Score: 7.2
Base Severity: HIGH
Exploitability Score: 0.6
Impact Score: 6.0
Description: Some Huawei smart speakers have a memory overflow vulnerability. Successful exploitation of this vulnerability may cause certain functions to fail.
References: https://www.huawei.com/en/psirt/security-advisories/2024/huawei-sa-samovishss-28e21e39-en
https://www.huawei.com/cn/psirt/security-advisories/2024/huawei-sa-samovishss-28e21e39-cn

CWE-ID: CWE-119
Common Platform Enumerations (CPE): Not Found

2. CVE-2023-52547
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Huawei Matebook D16 (Model: CREM-WXX9, BIOS: v2.26). Memory Corruption in SMI Handler of HddPassword SMM Module. This can be leveraged by a malicious OS attacker to corrupt data structures stored at the beginning of SMRAM and can potentially lead to code execution in SMM.
References: https://www.huawei.com/en/psirt/security-advisories/2024/huawei-sa-iholpiiahpp-0ab7d6db-en

CWE-ID: CWE-130
Common Platform Enumerations (CPE): Not Found

3. CVE-2023-52548
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Huawei Matebook D16 (Model: CREM-WXX9, BIOS: v2.26). Arbitrary Memory Corruption in SMI Handler of ThisiServicesSmm SMM module. This can be leveraged by a malicious OS attacker to corrupt arbitrary SMRAM memory and, in turn, lead to code execution in SMM.
References: https://www.huawei.com/cn/psirt/security-advisories/2024/huawei-sa-hppvtiroowtboamb-bb3261bd-cn
https://www.huawei.com/en/psirt/security-advisories/2024/huawei-sa-hppvtiroowtboamb-bb3261bd-en

CWE-ID: CWE-119
Common Platform Enumerations (CPE): Not Found

4. CVE-2023-52710
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Huawei Matebook D16 (Model: CREM-WXX9, BIOS: v2.26). As the communication buffer size hasn’t been properly validated to be of the expected size, it can partially overlap with the beginning of SMRAM. This can be leveraged by a malicious OS attacker to corrupt data structures stored at the beginning of SMRAM and can potentially lead to code execution in SMM.
References: https://www.huawei.com/en/psirt/security-advisories/2024/huawei-sa-hppvticfuoec-8ffde288-en

CWE-ID: CWE-754
Common Platform Enumerations (CPE): Not Found

5. CVE-2023-52711
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Various Issues Due To Exposed SMI Handler in AmdPspP2CmboxV2. The first issue can be leveraged to bypass the protections that have been put in place by previous UEFI phases to prevent direct access to the SPI flash. The second issue can be used to both leak and corrupt SMM memory, thus potentially leading to code execution in SMM.
References: https://www.huawei.com/en/psirt/security-advisories/2024/huawei-sa-voiiaciahpp-6376e0c7-en

CWE-ID: CWE-284
Common Platform Enumerations (CPE): Not Found

6. CVE-2023-52712
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Various Issues Due To Exposed SMI Handler in AmdPspP2CmboxV2. The first issue can be leveraged to bypass the protections that have been put in place by previous UEFI phases to prevent direct access to the SPI flash. The second issue can be used to both leak and corrupt SMM memory, thus potentially leading to code execution in SMM.
References: https://www.huawei.com/en/psirt/security-advisories/2024/huawei-sa-iiacviahpp-71ce77ee-en

CWE-ID: CWE-284
Common Platform Enumerations (CPE): Not Found

7. CVE-2024-3657
Base Score: 7.5
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.6
Description: A flaw was found in 389-ds-base. A specially-crafted LDAP query can potentially cause a failure on the directory server, leading to a denial of service.
References: https://access.redhat.com/security/cve/CVE-2024-3657
https://bugzilla.redhat.com/show_bug.cgi?id=2274401

CWE-ID: CWE-20
Common Platform Enumerations (CPE): Not Found

8. CVE-2024-5413
Base Score: 7.1
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 3.7
Description: A vulnerability has been discovered in PhpMyBackupPro affecting version 2.3 that could allow an attacker to execute XSS through /phpmybackuppro/scheduled.php, all parameters. This vulnerability could allow an attacker to create a specially crafted URL and send it to a victim to retrieve their session details.
References: https://www.incibe.es/en/incibe-cert/notices/aviso/cross-site-scripting-vulnerability-phpmybackuppro

CWE-ID: CWE-79
Common Platform Enumerations (CPE): Not Found

9. CVE-2024-5414
Base Score: 7.1
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 3.7
Description: A vulnerability has been discovered in PhpMyBackupPro affecting version 2.3 that could allow an attacker to execute XSS through /phpmybackuppro/get_file.php, 'view' parameter. This vulnerability could allow an attacker to create a specially crafted URL and send it to a victim to retrieve their session details.
References: https://www.incibe.es/en/incibe-cert/notices/aviso/cross-site-scripting-vulnerability-phpmybackuppro

CWE-ID: CWE-79
Common Platform Enumerations (CPE): Not Found

10. CVE-2024-5415
Base Score: 7.1
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 3.7
Description: A vulnerability has been discovered in PhpMyBackupPro affecting version 2.3 that could allow an attacker to execute XSS through /phpmybackuppro/backup.php, 'comments' and 'db' parameters. This vulnerability could allow an attacker to create a specially crafted URL and send it to a victim to retrieve their session details.
References: https://www.incibe.es/en/incibe-cert/notices/aviso/cross-site-scripting-vulnerability-phpmybackuppro

CWE-ID: CWE-79
Common Platform Enumerations (CPE): Not Found

11. CVE-2023-35949
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple stack-based buffer overflow vulnerabilities exist in the readOFF.cpp functionality of libigl v2.4.0. A specially-crafted .off file can lead to a buffer overflow. An attacker can arbitrary code execution to trigger these vulnerabilities. This vulnerability exists within the code responsible for parsing geometric faces of an OFF file.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1784

CWE-ID: CWE-121
Common Platform Enumerations (CPE): Not Found

12. CVE-2023-35950
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple stack-based buffer overflow vulnerabilities exist in the readOFF.cpp functionality of libigl v2.4.0. A specially-crafted .off file can lead to a buffer overflow. An attacker can arbitrary code execution to trigger these vulnerabilities. This vulnerability exists within the code responsible for parsing the header of an OFF file.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1784

CWE-ID: CWE-121
Common Platform Enumerations (CPE): Not Found

13. CVE-2023-35951
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple stack-based buffer overflow vulnerabilities exist in the readOFF.cpp functionality of libigl v2.4.0. A specially-crafted .off file can lead to a buffer overflow. An attacker can arbitrary code execution to trigger these vulnerabilities. This vulnerability exists within the code responsible for parsing geometric vertices of an OFF file.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1784

CWE-ID: CWE-121
Common Platform Enumerations (CPE): Not Found

14. CVE-2023-35952
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple stack-based buffer overflow vulnerabilities exist in the readOFF.cpp functionality of libigl v2.4.0. A specially-crafted .off file can lead to a buffer overflow. An attacker can arbitrary code execution to trigger these vulnerabilities. This vulnerability exists within the code responsible for parsing comments within the geometric faces section within an OFF file.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1784

CWE-ID: CWE-121
Common Platform Enumerations (CPE): Not Found

15. CVE-2023-35953
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple stack-based buffer overflow vulnerabilities exist in the readOFF.cpp functionality of libigl v2.4.0. A specially-crafted .off file can lead to a buffer overflow. An attacker can arbitrary code execution to trigger these vulnerabilities. This vulnerability exists within the code responsible for parsing comments within the geometric vertices section within an OFF file.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1784

CWE-ID: CWE-121
Common Platform Enumerations (CPE): Not Found

16. CVE-2023-49600
Base Score: 8.1
Base Severity: HIGH
Exploitability Score: 2.2
Impact Score: 5.9
Description: An out-of-bounds write vulnerability exists in the PlyFile ply_cast_ascii functionality of libigl v2.5.0. A specially crafted .ply file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1879

CWE-ID: CWE-122
Common Platform Enumerations (CPE): Not Found

17. CVE-2024-22181
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: An out-of-bounds write vulnerability exists in the readNODE functionality of libigl v2.5.0. A specially crafted .node file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2024-1930

CWE-ID: CWE-129
Common Platform Enumerations (CPE): Not Found

18. CVE-2024-23947
Base Score: 8.8
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 5.9
Description: Multiple improper array index validation vulnerabilities exist in the readMSH functionality of libigl v2.5.0. A specially crafted .msh file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability. This vulnerability concerns the `igl::MshLoader::parse_nodes` function while handling a `binary` `.msh` file.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2024-1926

CWE-ID: CWE-787
Common Platform Enumerations (CPE): Not Found

19. CVE-2024-23948
Base Score: 8.8
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 5.9
Description: Multiple improper array index validation vulnerabilities exist in the readMSH functionality of libigl v2.5.0. A specially crafted .msh file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability. This vulnerability concerns the `igl::MshLoader::parse_nodes` function while handling an `ascii` `.msh` file.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2024-1926

CWE-ID: CWE-787
Common Platform Enumerations (CPE): Not Found

20. CVE-2024-23949
Base Score: 8.8
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 5.9
Description: Multiple improper array index validation vulnerabilities exist in the readMSH functionality of libigl v2.5.0. A specially crafted .msh file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability. This vulnerability concerns the `igl::MshLoader::parse_node_field` function while handling an `ascii` `.msh` file.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2024-1926

CWE-ID: CWE-787
Common Platform Enumerations (CPE): Not Found

21. CVE-2024-23950
Base Score: 8.8
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 5.9
Description: Multiple improper array index validation vulnerabilities exist in the readMSH functionality of libigl v2.5.0. A specially crafted .msh file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability. This vulnerability concerns the `igl::MshLoader::parse_element_field` function while handling a `binary` `.msh` file.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2024-1926

CWE-ID: CWE-787
Common Platform Enumerations (CPE): Not Found

22. CVE-2024-23951
Base Score: 8.8
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 5.9
Description: Multiple improper array index validation vulnerabilities exist in the readMSH functionality of libigl v2.5.0. A specially crafted .msh file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability. This vulnerability concerns the `igl::MshLoader::parse_element_field` function while handling an `ascii` `.msh` file.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2024-1926

CWE-ID: CWE-787
Common Platform Enumerations (CPE): Not Found

23. CVE-2024-24684
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple stack-based buffer overflow vulnerabilities exist in the readOFF functionality of libigl v2.5.0. A specially crafted .off file can lead to stack-based buffer overflow. An attacker can provide a malicious file to trigger this vulnerability. This vulnerability concerns the header parsing occurring while processing an `.off` file via the `readOFF` function.

We can see above that at [0] a stack-based buffer called `comment` is defined with a hardcoded size of `1000 bytes`. The call to `fscanf` at [1] is unsafe and if the first line of the header of the `.off` files is longer than 1000 bytes it will overflow the `header` buffer.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2024-1929

CWE-ID: CWE-121
Common Platform Enumerations (CPE): Not Found

24. CVE-2024-24685
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple stack-based buffer overflow vulnerabilities exist in the readOFF functionality of libigl v2.5.0. A specially crafted .off file can lead to stack-based buffer overflow. An attacker can provide a malicious file to trigger this vulnerability. This vulnerability concerns the parsing of comments within the vertex section of an `.off` file processed via the `readOFF` function.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2024-1929

CWE-ID: CWE-121
Common Platform Enumerations (CPE): Not Found

25. CVE-2024-24686
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple stack-based buffer overflow vulnerabilities exist in the readOFF functionality of libigl v2.5.0. A specially crafted .off file can lead to stack-based buffer overflow. An attacker can provide a malicious file to trigger this vulnerability. This vulnerability concerns the parsing of comments within the faces section of an `.off` file processed via the `readOFF` function.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2024-1929

CWE-ID: CWE-121
Common Platform Enumerations (CPE): Not Found

26. CVE-2024-29072
Base Score: 8.2
Base Severity: HIGH
Exploitability Score: 1.5
Impact Score: 6.0
Description: A privilege escalation vulnerability exists in the Foxit Reader 2024.2.0.25138. The vulnerability occurs due to improper certification validation of the updater executable before executing it. A low privilege user can trigger the update action which can result in unexpected elevation of privilege.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2024-1989

CWE-ID: CWE-295
Common Platform Enumerations (CPE): Not Found

27. CVE-2024-3969
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.1
Impact Score: 6.0
Description: XML External Entity injection vulnerability found in OpenText™ iManager 3.2.6.0200. This could lead to remote code execution by parsing untrusted XML payload.
References: https://www.netiq.com/documentation/imanager-32/imanager326_patch3_hf1_releasenotes/data/imanager326_patch3_hf1_releasenotes.html

CWE-ID: CWE-611
Common Platform Enumerations (CPE): Not Found

28. CVE-2024-5274
Base Score: 8.8
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 5.9
Description: Type Confusion in V8 in Google Chrome prior to 125.0.6422.112 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
References: https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_23.html
https://issues.chromium.org/issues/341663589

CWE-ID: CWE-843
Common Platform Enumerations (CPE): cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*


29. CVE-2024-21785
Base Score: 9.8
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9
Description: A leftover debug code vulnerability exists in the Telnet Diagnostic Interface functionality of AutomationDirect P3-550E 1.2.10.9. A specially crafted series of network requests can lead to unauthorized access. An attacker can send a sequence of requests to trigger this vulnerability.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2024-1942

CWE-ID: CWE-489
Common Platform Enumerations (CPE): Not Found

30. CVE-2024-22187
Base Score: 9.1
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.2
Description: A write-what-where vulnerability exists in the Programming Software Connection Remote Memory Diagnostics functionality of AutomationDirect P3-550E 1.2.10.9. A specially crafted network packet can lead to an arbitrary write. An attacker can send an unauthenticated packet to trigger this vulnerability.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2024-1940

CWE-ID: CWE-284
Common Platform Enumerations (CPE): Not Found

31. CVE-2024-23315
Base Score: 7.5
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.6
Description: A read-what-where vulnerability exists in the Programming Software Connection IMM 01A1 Memory Read functionality of AutomationDirect P3-550E 1.2.10.9. A specially crafted network packet can lead to a disclosure of sensitive information. An attacker can send an unauthenticated packet to trigger this vulnerability.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2024-1941

CWE-ID: CWE-284
Common Platform Enumerations (CPE): Not Found

32. CVE-2024-23601
Base Score: 9.8
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9
Description: A code injection vulnerability exists in the scan_lib.bin functionality of AutomationDirect P3-550E 1.2.10.9. A specially crafted scan_lib.bin can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2024-1943

CWE-ID: CWE-345
Common Platform Enumerations (CPE): Not Found

33. CVE-2024-24851
Base Score: 7.5
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.6
Description: A heap-based buffer overflow vulnerability exists in the Programming Software Connection FiBurn functionality of AutomationDirect P3-550E 1.2.10.9. A specially crafted network packet can lead to a buffer overflow. An attacker can send an unauthenticated packet to trigger this vulnerability.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2024-1936

CWE-ID: CWE-805
Common Platform Enumerations (CPE): Not Found

34. CVE-2024-24946
Base Score: 8.2
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 4.2
Description: A heap-based buffer overflow vulnerability exists in the Programming Software Connection CurrDir functionality of AutomationDirect P3-550E 1.2.10.9. A specially crafted network packet can lead to denial of service. An attacker can send an unauthenticated packet to trigger this vulnerability. This CVE tracks the heap corruption that occurs at offset `0xb686c` of version 1.2.10.9 of the P3-550E firmware, which occurs when a call to `memset` relies on an attacker-controlled length value and corrupts any trailing heap allocations.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2024-1937

CWE-ID: CWE-787
Common Platform Enumerations (CPE): Not Found

35. CVE-2024-24947
Base Score: 8.2
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 4.2
Description: A heap-based buffer overflow vulnerability exists in the Programming Software Connection CurrDir functionality of AutomationDirect P3-550E 1.2.10.9. A specially crafted network packet can lead to denial of service. An attacker can send an unauthenticated packet to trigger this vulnerability. This CVE tracks the heap corruption that occurs at offset `0xb68c4` of version 1.2.10.9 of the P3-550E firmware, which occurs when a call to `memset` relies on an attacker-controlled length value and corrupts any trailing heap allocations.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2024-1937

CWE-ID: CWE-787
Common Platform Enumerations (CPE): Not Found

36. CVE-2024-24954
Base Score: 8.2
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 4.2
Description: Several out-of-bounds write vulnerabilities exist in the Programming Software Connection FileSystem API functionality of AutomationDirect P3-550E 1.2.10.9. Specially crafted network packets can lead to heap-based memory corruption. An attacker can send malicious packets to trigger these vulnerabilities. This CVE tracks the arbitrary null-byte write vulnerability located in firmware 1.2.10.9 of the P3-550E at offset `0xb69c8`.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2024-1938

CWE-ID: CWE-787
Common Platform Enumerations (CPE): Not Found

37. CVE-2024-24955
Base Score: 8.2
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 4.2
Description: Several out-of-bounds write vulnerabilities exist in the Programming Software Connection FileSystem API functionality of AutomationDirect P3-550E 1.2.10.9. Specially crafted network packets can lead to heap-based memory corruption. An attacker can send malicious packets to trigger these vulnerabilities. This CVE tracks the arbitrary null-byte write vulnerability located in firmware 1.2.10.9 of the P3-550E at offset `0xb69fc`.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2024-1938

CWE-ID: CWE-787
Common Platform Enumerations (CPE): Not Found

38. CVE-2024-24956
Base Score: 8.2
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 4.2
Description: Several out-of-bounds write vulnerabilities exist in the Programming Software Connection FileSystem API functionality of AutomationDirect P3-550E 1.2.10.9. Specially crafted network packets can lead to heap-based memory corruption. An attacker can send malicious packets to trigger these vulnerabilities. This CVE tracks the arbitrary null-byte write vulnerability located in firmware 1.2.10.9 of the P3-550E at offset `0xb6a38`.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2024-1938

CWE-ID: CWE-787
Common Platform Enumerations (CPE): Not Found

39. CVE-2024-24957
Base Score: 8.2
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 4.2
Description: Several out-of-bounds write vulnerabilities exist in the Programming Software Connection FileSystem API functionality of AutomationDirect P3-550E 1.2.10.9. Specially crafted network packets can lead to heap-based memory corruption. An attacker can send malicious packets to trigger these vulnerabilities. This CVE tracks the arbitrary null-byte write vulnerability located in firmware 1.2.10.9 of the P3-550E at offset `0xb6aa4`.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2024-1938

CWE-ID: CWE-787
Common Platform Enumerations (CPE): Not Found

40. CVE-2024-24958
Base Score: 8.2
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 4.2
Description: Several out-of-bounds write vulnerabilities exist in the Programming Software Connection FileSystem API functionality of AutomationDirect P3-550E 1.2.10.9. Specially crafted network packets can lead to heap-based memory corruption. An attacker can send malicious packets to trigger these vulnerabilities. This CVE tracks the arbitrary null-byte write vulnerability located in firmware 1.2.10.9 of the P3-550E at offset `0xb6bdc`.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2024-1938

CWE-ID: CWE-787
Common Platform Enumerations (CPE): Not Found

41. CVE-2024-24959
Base Score: 8.2
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 4.2
Description: Several out-of-bounds write vulnerabilities exist in the Programming Software Connection FileSystem API functionality of AutomationDirect P3-550E 1.2.10.9. Specially crafted network packets can lead to heap-based memory corruption. An attacker can send malicious packets to trigger these vulnerabilities. This CVE tracks the arbitrary null-byte write vulnerability located in firmware 1.2.10.9 of the P3-550E at offset `0xb6c18`.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2024-1938

CWE-ID: CWE-787
Common Platform Enumerations (CPE): Not Found

42. CVE-2024-24962
Base Score: 9.8
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9
Description: A stack-based buffer overflow vulnerability exists in the Programming Software Connection FileSelect functionality of AutomationDirect P3-550E 1.2.10.9. A specially crafted network packet can lead to stack-based buffer overflow. An attacker can send an unauthenticated packet to trigger this vulnerability. This CVE tracks the stack-based buffer overflow that occurs at offset `0xb6e98` of v1.2.10.9 of the P3-550E firmware.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2024-1939

CWE-ID: CWE-121
Common Platform Enumerations (CPE): Not Found

43. CVE-2024-24963
Base Score: 9.8
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9
Description: A stack-based buffer overflow vulnerability exists in the Programming Software Connection FileSelect functionality of AutomationDirect P3-550E 1.2.10.9. A specially crafted network packet can lead to stack-based buffer overflow. An attacker can send an unauthenticated packet to trigger this vulnerability. This CVE tracks the stack-based buffer overflow that occurs at offset `0xb6e84` of v1.2.10.9 of the P3-550E firmware.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2024-1939

CWE-ID: CWE-121
Common Platform Enumerations (CPE): Not Found

44. CVE-2024-26024
Base Score: 8.4
Base Severity: HIGH
Exploitability Score: 2.5
Impact Score: 5.9
Description: SUBNET Solutions Inc. has identified vulnerabilities in third-party components used in Substation Server.
References: https://www.cisa.gov/news-events/ics-advisories/icsa-24-128-02

CWE-ID: CWE-1357
Common Platform Enumerations (CPE): Not Found

45. CVE-2024-24919
Base Score: 7.5
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.6
Description: Potentially allowing an attacker to read certain information on Check Point Security Gateways once connected to the internet and enabled with remote Access VPN or Mobile Access Software Blades. A Security fix that mitigates this vulnerability is available.
References: https://support.checkpoint.com/results/sk/sk182336

CWE-ID: CWE-200
Common Platform Enumerations (CPE): Not Found

46. CVE-2024-36109
Base Score: 7.6
Base Severity: HIGH
Exploitability Score: 2.1
Impact Score: 5.5
Description: CoCalc is web-based software that enables collaboration in research, teaching, and scientific publishing. In affected versions the markdown parser allows `