CVE-2024-22104

Out-of-Bounds Write vulnerability in Jungo WinDriver before 12.5.1 allows local attackers to cause a Windows blue screen error and Denial of Service (DoS).
Configurations

Configuration 1 (hide)

cpe:2.3:a:jungo:windriver:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:mitsubishielectric:cpu_module_logging_configuration_tool:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:cw_configurator:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:data_transfer:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:data_transfer_classic:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:ezsocket:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:fr_configurator_sw3:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:fr_configurator2:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:genesis64:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:gt_got1000:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:gt_got2000:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:gt_softgot1000:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:gt_softgot2000:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:gx_developer:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:gx_logviewer:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:gx_works2:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:gx_works3:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:iq_works:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:mi_configurator:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:mr_configurator:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:mr_configurator2:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:mx_component:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:mx_opc_server_da\/ua:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:numerical_control_device_communication:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:px_developer\/monitor_tool:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:rt_toolbox3:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:rt_visualbox:*:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:mitsubishielectric:mrzjw3-mc2-utl_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:mrzjw3-mc2-utl:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:mitsubishielectric:sw0dnc-mneth-b_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:sw0dnc-mneth-b:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:mitsubishielectric:sw1dnc-ccbd2-b_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:sw1dnc-ccbd2-b:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:mitsubishielectric:sw1dnc-ccief-j_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:sw1dnc-ccief-j:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:mitsubishielectric:sw1dnc-ccief-b_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:sw1dnc-ccief-b:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:mitsubishielectric:sw1dnc-mnetg-b_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:sw1dnc-mnetg-b:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:mitsubishielectric:sw1dnc-qsccf-b_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:sw1dnc-qsccf-b:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:mitsubishielectric:sw1dnd-emsdk-b_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:sw1dnd-emsdk-b:-:*:*:*:*:*:*:*

History

08 Jul 2024, 14:17

Type Values Removed Values Added
CWE CWE-400

05 Jul 2024, 17:03

Type Values Removed Values Added
CWE CWE-787
First Time Mitsubishielectric gx Works2
Mitsubishielectric sw1dnc-ccief-b
Mitsubishielectric mi Configurator
Mitsubishielectric sw1dnc-mnetg-b
Mitsubishielectric cpu Module Logging Configuration Tool
Mitsubishielectric sw1dnd-emsdk-b Firmware
Mitsubishielectric
Mitsubishielectric sw0dnc-mneth-b Firmware
Mitsubishielectric data Transfer Classic
Mitsubishielectric mx Component
Mitsubishielectric sw1dnc-ccief-j
Mitsubishielectric iq Works
Mitsubishielectric cw Configurator
Mitsubishielectric sw1dnc-qsccf-b Firmware
Mitsubishielectric gx Developer
Mitsubishielectric mr Configurator2
Mitsubishielectric sw0dnc-mneth-b
Mitsubishielectric fr Configurator Sw3
Mitsubishielectric fr Configurator2
Mitsubishielectric gt Softgot1000
Mitsubishielectric gx Works3
Mitsubishielectric gt Got2000
Mitsubishielectric sw1dnc-ccbd2-b
Mitsubishielectric rt Toolbox3
Mitsubishielectric rt Visualbox
Mitsubishielectric sw1dnc-ccbd2-b Firmware
Mitsubishielectric data Transfer
Mitsubishielectric genesis64
Mitsubishielectric sw1dnc-ccief-j Firmware
Mitsubishielectric mr Configurator
Mitsubishielectric sw1dnc-ccief-b Firmware
Mitsubishielectric ezsocket
Mitsubishielectric sw1dnc-qsccf-b
Mitsubishielectric px Developer\/monitor Tool
Mitsubishielectric mrzjw3-mc2-utl Firmware
Mitsubishielectric gt Softgot2000
Mitsubishielectric numerical Control Device Communication
Mitsubishielectric mrzjw3-mc2-utl
Mitsubishielectric sw1dnc-mnetg-b Firmware
Mitsubishielectric mx Opc Server Da\/ua
Mitsubishielectric sw1dnd-emsdk-b
Mitsubishielectric gx Logviewer
Jungo windriver
Jungo
Mitsubishielectric gt Got1000
Summary
  • (es) La vulnerabilidad de escritura fuera de los límites en Jungo WinDriver anterior a 12.5.1 permite a atacantes locales provocar un error de pantalla azul de Windows y denegación de servicio (DoS).
References () https://jungo.com/windriver/versions/ - () https://jungo.com/windriver/versions/ - Release Notes
References () https://www.cisa.gov/news-events/ics-advisories/icsa-24-135-04 - () https://www.cisa.gov/news-events/ics-advisories/icsa-24-135-04 - Third Party Advisory, US Government Resource
References () https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2024-001_en.pdf - () https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2024-001_en.pdf - Third Party Advisory
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 5.5
CPE cpe:2.3:o:mitsubishielectric:sw1dnc-mnetg-b_firmware:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:mr_configurator2:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:mx_opc_server_da\/ua:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:gt_softgot2000:*:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:sw0dnc-mneth-b:-:*:*:*:*:*:*:*
cpe:2.3:o:mitsubishielectric:sw0dnc-mneth-b_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:mrzjw3-mc2-utl:-:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:numerical_control_device_communication:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:gx_developer:*:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:sw1dnc-ccief-j:-:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:mr_configurator:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:gt_softgot1000:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:gx_logviewer:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:iq_works:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:cpu_module_logging_configuration_tool:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:rt_visualbox:*:*:*:*:*:*:*:*
cpe:2.3:o:mitsubishielectric:mrzjw3-mc2-utl_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:sw1dnc-mnetg-b:-:*:*:*:*:*:*:*
cpe:2.3:o:mitsubishielectric:sw1dnc-qsccf-b_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:sw1dnc-ccief-b:-:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:genesis64:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:fr_configurator2:*:*:*:*:*:*:*:*
cpe:2.3:o:mitsubishielectric:sw1dnc-ccief-b_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:sw1dnc-qsccf-b:-:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:mx_component:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:rt_toolbox3:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:cw_configurator:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:data_transfer:*:*:*:*:*:*:*:*
cpe:2.3:o:mitsubishielectric:sw1dnc-ccief-j_firmware:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:px_developer\/monitor_tool:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:fr_configurator_sw3:*:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:sw1dnc-ccbd2-b:-:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:gt_got2000:*:*:*:*:*:*:*:*
cpe:2.3:a:jungo:windriver:*:*:*:*:*:*:*:*
cpe:2.3:o:mitsubishielectric:sw1dnd-emsdk-b_firmware:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:data_transfer_classic:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:gx_works3:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:gx_works2:*:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:sw1dnd-emsdk-b:-:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:gt_got1000:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:mi_configurator:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:ezsocket:*:*:*:*:*:*:*:*
cpe:2.3:o:mitsubishielectric:sw1dnc-ccbd2-b_firmware:*:*:*:*:*:*:*:*

02 Jul 2024, 16:15

Type Values Removed Values Added
Summary (en) Out-of-Bounds Write vulnerability in Jungo WinDriver 12.5.1 allows local attackers to cause a Windows blue screen error and Denial of Service (DoS). (en) Out-of-Bounds Write vulnerability in Jungo WinDriver before 12.5.1 allows local attackers to cause a Windows blue screen error and Denial of Service (DoS).

02 Jul 2024, 15:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-07-02 15:15

Updated : 2024-07-08 14:17


NVD link : CVE-2024-22104

Mitre link : CVE-2024-22104

CVE.ORG link : CVE-2024-22104


JSON object : View

Products Affected

mitsubishielectric

  • mx_component
  • mrzjw3-mc2-utl_firmware
  • sw1dnc-mnetg-b_firmware
  • gt_softgot1000
  • gx_works3
  • gt_softgot2000
  • mi_configurator
  • rt_toolbox3
  • sw1dnd-emsdk-b
  • mr_configurator
  • data_transfer_classic
  • sw1dnc-qsccf-b_firmware
  • sw0dnc-mneth-b
  • sw1dnc-ccief-b_firmware
  • px_developer\/monitor_tool
  • cw_configurator
  • rt_visualbox
  • ezsocket
  • gx_developer
  • sw1dnc-ccbd2-b
  • sw1dnc-qsccf-b
  • mr_configurator2
  • fr_configurator_sw3
  • data_transfer
  • iq_works
  • mx_opc_server_da\/ua
  • numerical_control_device_communication
  • fr_configurator2
  • sw0dnc-mneth-b_firmware
  • gt_got1000
  • sw1dnc-ccief-j
  • mrzjw3-mc2-utl
  • sw1dnc-ccief-b
  • sw1dnd-emsdk-b_firmware
  • gx_logviewer
  • cpu_module_logging_configuration_tool
  • sw1dnc-ccbd2-b_firmware
  • gt_got2000
  • sw1dnc-mnetg-b
  • sw1dnc-ccief-j_firmware
  • gx_works2
  • genesis64

jungo

  • windriver
CWE
CWE-787

Out-of-bounds Write

CWE-400

Uncontrolled Resource Consumption