CVE-2024-39791

CRITICAL

10.0

Description

Stack-based buffer overflow vulnerabilities affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enable an unauthenticated remote attacker to execute arbitrary code.

CVE Details

CVSS v3.1 Score10.0

SeverityCRITICAL

CVSS VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Attack VectorNETWORK

ComplexityLOW

Privileges RequiredNONE

User InteractionNONE

Published8/12/2024

Last Modified8/20/2024

Sourcenvd

Honeypot Sightings0

Affected Products

vonets:vap11acvonets:vap11ac_firmwarevonets:vap11gvonets:vap11g-300vonets:vap11g-300_firmwarevonets:vap11g-500vonets:vap11g-500_firmwarevonets:vap11g-500svonets:vap11g-500s_firmwarevonets:vap11g_firmwarevonets:vap11n-300vonets:vap11n-300_firmwarevonets:vap11svonets:vap11s-5gvonets:vap11s-5g_firmwarevonets:vap11s_firmwarevonets:var11n-300vonets:var11n-300_firmwarevonets:var1200-hvonets:var1200-h_firmwarevonets:var1200-lvonets:var1200-l_firmwarevonets:var600-hvonets:var600-h_firmwarevonets:vbg1200vonets:vbg1200_firmwarevonets:vga-1000vonets:vga-1000_firmware

Weaknesses (CWE)

CWE-121CWE-787

References

https://www.cisa.gov/news-events/ics-advisories/icsa-24-214-08(ics-cert@hq.dhs.gov)

IOC Correlations

No correlations recorded

This product uses data from the NVD API but is not endorsed or certified by the NVD.