CVE-2024-2011

A heap-based buffer overflow vulnerability exists in the FOXMAN-UN/UNEM that if exploited will generally lead to a denial of service but can be used to execute arbitrary code, which is usually outside the scope of a program's implicit security policy
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:hitachienergy:foxman-un:r15a:*:*:*:*:*:*:*
cpe:2.3:a:hitachienergy:foxman-un:r15b:pc4:*:*:*:*:*:*
cpe:2.3:a:hitachienergy:foxman-un:r16a:*:*:*:*:*:*:*
cpe:2.3:a:hitachienergy:foxman-un:r16b:pc2:*:*:*:*:*:*
cpe:2.3:a:hitachienergy:unem:r15a:*:*:*:*:*:*:*
cpe:2.3:a:hitachienergy:unem:r15b:pc4:*:*:*:*:*:*
cpe:2.3:a:hitachienergy:unem:r16a:*:*:*:*:*:*:*
cpe:2.3:a:hitachienergy:unem:r16b:pc2:*:*:*:*:*:*

History

15 Aug 2024, 21:25

Type Values Removed Values Added
CVSS v2 : unknown
v3 : 8.6
v2 : unknown
v3 : 9.8
CWE CWE-787
CPE cpe:2.3:a:hitachienergy:foxman-un:r16b:pc2:*:*:*:*:*:*
cpe:2.3:a:hitachienergy:unem:r16b:pc2:*:*:*:*:*:*
cpe:2.3:a:hitachienergy:unem:r15b:pc4:*:*:*:*:*:*
cpe:2.3:a:hitachienergy:foxman-un:r16a:*:*:*:*:*:*:*
cpe:2.3:a:hitachienergy:foxman-un:r15a:*:*:*:*:*:*:*
cpe:2.3:a:hitachienergy:unem:r16a:*:*:*:*:*:*:*
cpe:2.3:a:hitachienergy:unem:r15a:*:*:*:*:*:*:*
cpe:2.3:a:hitachienergy:foxman-un:r15b:pc4:*:*:*:*:*:*
First Time Hitachienergy unem
Hitachienergy
Hitachienergy foxman-un
References () https://publisher.hitachienergy.com/preview?DocumentId=8DBD000194&languageCode=en&Preview=true - () https://publisher.hitachienergy.com/preview?DocumentId=8DBD000194&languageCode=en&Preview=true - Vendor Advisory
References () https://publisher.hitachienergy.com/preview?DocumentId=8DBD000201&languageCode=en&Preview=true - () https://publisher.hitachienergy.com/preview?DocumentId=8DBD000201&languageCode=en&Preview=true - Vendor Advisory

13 Jun 2024, 18:36

Type Values Removed Values Added
Summary
  • (es) Existe una vulnerabilidad de desbordamiento de búfer basada en montón en FOXMAN-UN/UNEM que, si se explota, generalmente conducirá a una denegación de servicio, pero puede usarse para ejecutar código arbitrario, lo que generalmente está fuera del alcance de la política de seguridad implícita de un programa.

11 Jun 2024, 14:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-06-11 14:15

Updated : 2024-08-15 21:25


NVD link : CVE-2024-2011

Mitre link : CVE-2024-2011

CVE.ORG link : CVE-2024-2011


JSON object : View

Products Affected

hitachienergy

  • foxman-un
  • unem
CWE
CWE-787

Out-of-bounds Write

CWE-122

Heap-based Buffer Overflow