CVE-2024-9409

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-9409
CWE-400: An Uncontrolled Resource Consumption vulnerability exists that could cause the device to become unresponsive resulting in communication loss when a large amount of IGMP packets is present in the network.

7.5 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://download.schneider-electric.com/doc/SEVD-2024-317-01/SEVD-2024-317-01.pdf Mitigation Patch Vendor Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:schneider-electric:powerlogic_pm5341_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:schneider-electric:powerlogic_pm5341:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:schneider-electric:powerlogic_pm5340_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:schneider-electric:powerlogic_pm5340:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:schneider-electric:powerlogic_pm5320_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:schneider-electric:powerlogic_pm5320:-:*:*:*:*:*:*:*
History

19 Nov 2024, 15:59

Type Values Removed Values Added
CPE cpe:2.3:h:schneider-electric:powerlogic_pm5340:-:*:*:*:*:*:*:*
cpe:2.3:o:schneider-electric:powerlogic_pm5341_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:schneider-electric:powerlogic_pm5320:-:*:*:*:*:*:*:*
cpe:2.3:o:schneider-electric:powerlogic_pm5320_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:schneider-electric:powerlogic_pm5340_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:schneider-electric:powerlogic_pm5341:-:*:*:*:*:*:*:*
References () https://download.schneider-electric.com/doc/SEVD-2024-317-01/SEVD-2024-317-01.pdf - () https://download.schneider-electric.com/doc/SEVD-2024-317-01/SEVD-2024-317-01.pdf - Mitigation, Patch, Vendor Advisory
First Time Schneider-electric powerlogic Pm5341
Schneider-electric powerlogic Pm5340
Schneider-electric
Schneider-electric powerlogic Pm5320
Schneider-electric powerlogic Pm5320 Firmware
Schneider-electric powerlogic Pm5341 Firmware
Schneider-electric powerlogic Pm5340 Firmware

13 Nov 2024, 17:01

Type Values Removed Values Added
Summary
  • (es) CWE-400: Existe una vulnerabilidad de consumo descontrolado de recursos que podría provocar que el dispositivo deje de responder y produzca pérdida de comunicación cuando hay una gran cantidad de paquetes IGMP en la red.

13 Nov 2024, 05:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-11-13 05:15

Updated : 2024-11-19 15:59

NVD link : CVE-2024-9409

Mitre link : CVE-2024-9409

CVE.ORG link : CVE-2024-9409

JSON object : View

Products Affected

schneider-electric

  • powerlogic_pm5320_firmware
  • powerlogic_pm5341_firmware
  • powerlogic_pm5320
  • powerlogic_pm5341
  • powerlogic_pm5340
  • powerlogic_pm5340_firmware
CWE
CWE-400

Uncontrolled Resource Consumption


NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024