CVE-2024-9409

Summary

CWE-400: An Uncontrolled Resource Consumption vulnerability exists that could cause the device to become unresponsive resulting in communication loss when a large amount of IGMP packets is present in the network.

Affected Software

VendorProductVersion RangeStatus
Schneider ElectricPowerLogic PM5320Version 2.3.8 and prioraffected
Schneider ElectricPowerLogic PM5340Version 2.3.8 and prioraffected
Schneider ElectricPowerLogic PM5341Version 2.6.6 and prioraffected

Weaknesses

  • CWE-400: CWE-400 Uncontrolled Resource Consumption

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References