← Back

CVE-2024-34057

nvd nist
Published: Sep 18, 2024Modified: Sep 25, 2024

JSON object

Loading...
7.5
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Exploitability: 3.9 / Impact: 3.6
Source: NVD

Description

Triangle Microworks TMW IEC 61850 Client source code libraries before 12.2.0 lack a buffer size check when processing received messages. The resulting buffer overflow can cause a crash, resulting in a denial of service.

Affected (6)

Trianglemicroworks
1 product
Iec 61850 Source Code Library
Siemens
5 products
Sicam A8000 Firmware
Sicam Scc Firmware
Sicam Egs Firmware
Sicam S8000
Sitipe At
Configuration A
1 vulnerable
Vulnerable SoftwareAffected Versions
Iec 61850 Source Code Library
Before 12.2.0
Configuration B
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sicam A8000 Firmware
Before 05.30
Running on/withPlatform Versions
Siemens
Sicam A8000
All versions
Configuration C
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sicam Scc Firmware
Before 10.0
Running on/withPlatform Versions
Siemens
Sicam Scc
All versions
Configuration D
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sicam Egs Firmware
Before 05.30
Running on/withPlatform Versions
Siemens
Sicam Egs
All versions
Configuration E
2 vulnerable
Vulnerable SoftwareAffected Versions
Sicam S8000
Before 05.30
Sitipe At
All versions

Related CWEs

CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

References (2)

Source: cve@mitre.org
Release Notes
Source: cve@mitre.org
Third Party AdvisoryUS Government Resource

Timeline

No history available yet.