CVE-2024-23911

Summary

Out-of-bounds read vulnerability caused by improper checking of the option length values in IPv6 NDP packets exists in Cente middleware TCP/IP Network Series, which may allow an unauthenticated attacker to stop the device operations by sending a specially crafted packet.

Affected Software

VendorProductVersion RangeStatus
DMG MORI Digital Co., LTD. and NEXT Co., Ltd.Cente IPv6Ver.1.51 and earlieraffected
DMG MORI Digital Co., LTD. and NEXT Co., Ltd.Cente IPv6 SNMPv2Ver.2.30 and earlieraffected
DMG MORI Digital Co., LTD. and NEXT Co., Ltd.Cente IPv6 SNMPv3Ver.2.30 and earlieraffected

Weaknesses

  • Out-of-bounds read

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

CVE Program Container

Additional References

References