CRITICALπŸ‡΅πŸ‡± Wersja polska

CVE-2024-24962

CVSS 9.8v3.1pub. 2024-05-28upd. 2025-02-12

A stack-based buffer overflow vulnerability exists in the Programming Software Connection FileSelect functionality of AutomationDirect P3-550E 1.2.10.9. A specially crafted network packet can lead to stack-based buffer overflow. An attacker can send an unauthenticated packet to trigger this vulnerability.This CVE tracks the stack-based buffer overflow that occurs at offset `0xb6e98` of v1.2.10.9 of the P3-550E firmware.

πŸ€– AI Analysis
How it works

The vulnerability exists in the FileSelect functionality of the Programming Software Connection software in the AutomationDirect P3-550E firmware version 1.2.10.9. The attacker sends a specially crafted network packet without the need for authentication, causing a stack-based buffer overflow at offset 0xb6e98 in the firmware. The stack overflow enables control over program execution flow and potential execution of arbitrary code on the device.

Impact

An attacker can gain full control over the device, including the ability to read and modify data, disrupt industrial processes, or permanently damage the PLC controller configuration.

Mitigation & patch

Apply patches available from the manufacturer according to the references (Cisco Talos report TALOS-2024-1939). It is also recommended to restrict network access to PLC devices through OT/ICS network segmentation and firewalls, so that packets from untrusted sources do not reach the controllers.

Who is affected

AutomationDirect P3-550E and P3-550 with firmware version 1.2.10.9

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Automationdirect P1 540

    HW
    Automationdirect
    wszystkie wersje
  • Automationdirect P1 540 Firmware

    OS
    Automationdirect
    1.2.10.104.1.1.10
  • Automationdirect P1 550

    HW
    Automationdirect
    wszystkie wersje
  • Automationdirect P1 550 Firmware

    OS
    Automationdirect
    1.2.10.104.1.1.10
  • Automationdirect P2 550

    HW
    Automationdirect
    wszystkie wersje
  • Automationdirect P2 550 Firmware

    OS
    Automationdirect
    1.2.10.104.1.1.10
  • Automationdirect P3 530

    HW
    Automationdirect
    wszystkie wersje
  • Automationdirect P3 530 Firmware

    OS
    Automationdirect
    1.2.10.94.1.1.10
  • Automationdirect P3 550

    HW
    Automationdirect
    wszystkie wersje
  • Automationdirect P3 550e

    HW
    Automationdirect
    wszystkie wersje
  • Automationdirect P3 550e Firmware

    OS
    Automationdirect
    1.2.10.94.1.1.10
  • Automationdirect P3 550 Firmware

    OS
    Automationdirect
    1.2.10.94.1.1.10
πŸ”΅
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Memory
CWE
References

Related vulnerabilities

CVE-2024-24963CRITICAL9.8PL βœ“ten sam produkt

Stack-based buffer overflow w AutomationDirect P3-550E β€” RCE bez uwierzytelnienia

CVE-2024-21785CRITICAL9.8PL βœ“ten sam produkt

AutomationDirect P3-550E β€” nieusuniΔ™ty kod debugowania w interfejsie Telnet

CVE-2024-23601CRITICAL9.8PL βœ“ten sam produkt

AutomationDirect P3-550E β€” code injection przez plik scan_lib.bin

CVE-2024-22187CRITICAL9.1PL βœ“ten sam produkt

Dowolny zapis w pamiΔ™ci (write-what-where) w AutomationDirect P3-550E

CVE-2024-24851HIGH7.5ten sam produkt

A heap-based buffer overflow vulnerability exists in the Programming Software Connection FiBurn functionality ...

CVE-2024-24962 β€” Automationdirect β€” P1-540 β€” CRITICAL β€” CVSS 9.8 | CVEbaza.pl