CVE-2024-24781

Published: Feb 13, 2024Modified: Nov 21, 2024

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploitability: 3.9 / Impact: 3.6

Source: info@cert.vde.com (Secondary)

Description

An unauthenticated remote attacker can use an uncontrolled resource consumption vulnerability to DoS the affected devices through excessive traffic on a single ethernet port.

Affected (13)

Products: Hima: F30 03x Yy (com) Firmware, F30 03x Yy (cpu) Firmware, F35 03x Yy (com) Firmware, F35 03x Yy (cpu) Firmware, F60 Cpu 03x Yy (com) Firmware, F60 Cpu 03x Yy (cpu) Firmware, F Com 01 Firmware, F Cpu 01 Firmware, X Com 01 E Yy Firmware, X Com 01 Yy Firmware, X Cpu 01 Firmware, X Cpu 31 Firmware, X Sb 01 Firmware

Hima

13 products

F30 03x Yy (com) Firmware

F30 03x Yy (cpu) Firmware

F35 03x Yy (com) Firmware

F35 03x Yy (cpu) Firmware

F60 Cpu 03x Yy (com) Firmware

F60 Cpu 03x Yy (cpu) Firmware

F Com 01 Firmware

F Cpu 01 Firmware

X Com 01 E Yy Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Hima F30 03x Yy (com) Firmware	Up to 24.14

Running on/with	Platform Versions
Hima F30 03x Yy (com)	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Hima F30 03x Yy (cpu) Firmware	Up to 18.6

Running on/with	Platform Versions
Hima F30 03x (cpu) Yy	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Hima F35 03x Yy (com) Firmware	Up to 24.14

Running on/with	Platform Versions
Hima F35 03x Yy (com)	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Hima F35 03x Yy (cpu) Firmware	Up to 18.6

Running on/with	Platform Versions
Hima F35 03x Yy (cpu)	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Hima F60 Cpu 03x Yy (com) Firmware	Up to 24.14

Running on/with	Platform Versions
Hima F60 Cpu 03x Yy (com)	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Hima F60 Cpu 03x Yy (cpu) Firmware	Up to 18.6

Running on/with	Platform Versions
Hima F60 Cpu 03x Yy (cpu)	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Hima F Com 01 Firmware	Up to 14.12

Running on/with	Platform Versions
Hima F Com 01	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Hima F Cpu 01 Firmware	Up to 14.16

Running on/with	Platform Versions
Hima F Cpu 01	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Hima X Com 01 E Yy Firmware	Up to 15.14

Running on/with	Platform Versions
Hima X Com 01 E Yy	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Hima X Com 01 Yy Firmware	Up to 14.12

Running on/with	Platform Versions
Hima X Com 01 Yy	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Hima X Cpu 01 Firmware	Up to 14.16

Running on/with	Platform Versions
Hima X Cpu 01	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Hima X Cpu 31 Firmware	Up to 14.16

Running on/with	Platform Versions
Hima X Cpu 31	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Hima X Sb 01 Firmware	Up to 7.54

Running on/with	Platform Versions
Hima X Sb 01	All versions

Related CWEs

CWE-400

Uncontrolled Resource Consumption

The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.

References (2)

https://cert.vde.com/en/advisories/VDE-2024-013

Source: info@cert.vde.com

MitigationThird Party Advisory

https://cert.vde.com/en/advisories/VDE-2024-013

Source: af854a3a-2127-422b-91ae-364da2661108

MitigationThird Party Advisory

Timeline

No history available yet.