CVE-2024-25137
4.3
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
Summary
In AutomationDirect C-MORE EA9 HMI there is a program that copies a buffer of a size controlled by the user into a limited sized buffer on the stack which may lead to a stack overflow. The result of this stack-based buffer overflow can lead to denial-of-service conditions.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| AutomationDirect | C-MORE EA9 HMI EA9-T6CL | 0 <= 6.77 | affected |
| AutomationDirect | C-MORE EA9 HMI EA9-T7CL | 0 <= 6.77 | affected |
| AutomationDirect | C-MORE EA9 HMI EA0-T7CL-R | 0 <= 6.77 | affected |
| AutomationDirect | C-MORE EA9 HMI EA9-T8CL | 0 <= 6.77 | affected |
| AutomationDirect | C-MORE EA9 HMI EA9-T10CL | 0 <= 6.77 | affected |
| AutomationDirect | C-MORE EA9 HMI EA9-T10WCL | 0 <= 6.77 | affected |
| AutomationDirect | C-MORE EA9 HMI EA9-T12CL | 0 <= 6.77 | affected |
| AutomationDirect | C-MORE EA9 HMI EA9-T15CL | 0 <= 6.77 | affected |
| AutomationDirect | C-MORE EA9 HMI EA9-T15CL-R | 0 <= 6.77 | affected |
| AutomationDirect | C-MORE EA9 HMI EA9-RHMI | 0 <= 6.77 | affected |
| AutomationDirect | C-MORE EA9 HMI EA9-PGMSW | 0 <= 6.77 | affected |
Weaknesses
- CWE-121: CWE-121
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.