CVE-2024-6876 | THREATINT

Description

Out-of-Bounds read vulnerability in OSCAT Basic Library allows an local, unprivileged attacker to access limited internal data of the PLC which may lead to a crash of the affected service.

PUBLISHED Reserved 2024-07-18 | Published 2024-09-10 | Updated 2024-10-01 | Assigner CERTVDE

MEDIUM: 4.4CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L

Problem types

CWE-125 Out-of-bounds Read

Product status

Default status

unaffected

Any version before 3.3.5

affected

Default status

unaffected

Any version before 335

affected

Default status

unaffected

0.0.0 (semver) before <3.3.5.0

affected

Credits

Corban Villa finder

Hithem Lamri finder

Constantine Doumanidis finder

Michail Maniatakos finder

Modern Microprocessors Architecture (MoMA) Lab at NYU Abu Dhabi reporter

CODESYS coordinator

References

customers.codesys.com/...ff70b17a2370fedf07e073034&download=

certvde.com/en/advisories/VDE-2024-046/

cve.org (CVE-2024-6876)

nvd.nist.gov (CVE-2024-6876)