CVE-2024-24782

Summary

An unauthenticated attacker can send a ping request from one network to another through an error in the origin verification even though the ports are separated by VLAN.

Affected Software

VendorProductVersion RangeStatus
HIMAF30 03X YY (COM)0 <= 24.14affected
HIMAF30 03X YY (CPU)0 <= 18.6affected
HIMAF35 03X YY (COM)0 <= 24.14affected
HIMAF35 03X YY (CPU)0 <= 18.6affected
HIMAF60 CPU 03X YY (COM)0 <= 24.14affected
HIMAF60 CPU 03X YY (CPU)0 <= 18.6affected
HIMAF-COM 010 <= 14.12affected
HIMAF-COM 01 coated0 <= 14.12affected
HIMAF-CPU 010 <= 14.6affected
HIMAF-CPU 01 coated0 <= 14.6affected
HIMAX-COM 01 E YY0 <= 15.14affected
HIMAX-COM 01 YY0 <= 14.12affected
HIMAX-CPU 010 <= 14.6affected
HIMAX-CPU 310 <= 14.6affected

Weaknesses

  • CWE-346: CWE-346 Origin Validation Error

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References