CVE-2024-22808

Published: Apr 22, 2024Modified: Sep 15, 2025

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploitability: 3.9 / Impact: 3.6

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)

Description

An issue in Tormach xsTECH CNC Router, PathPilot Controller v2.9.6 allows attackers to cause a Denial of Service (DoS) by disrupting the communication between the PathPilot controller and the CNC router via overwriting the card's name in the device memory.

Affected (1)

Products: Tormach: Pathpilot Controller

1 product

Pathpilot Controller

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Tormach Pathpilot Controller	Version 2.9.6

Running on/with	Platform Versions
Tormach Xstech Cnc Router	All versions

Related CWEs

Insecure Storage of Sensitive Information

The product stores sensitive information without properly limiting read or write access by unauthorized actors.

References (2)

https://gist.github.com/VcuCyber/51075894d1728db07fc2df286c003df9

Source: cve@mitre.org

Third Party Advisory

https://gist.github.com/VcuCyber/51075894d1728db07fc2df286c003df9

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

Timeline

No history available yet.