CVE-2024-12650

CWE-252Unchecked Return Value3 documents3 sources
Severity
5.4MEDIUM
EPSS
0.1%
top 64.72%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
12
Wago Cc100 0751-9x01Wago Edge Controller 0752-8303/8000-0002Wago Pfc100 G1 0750-810x/xxxx-xxxx+9 more
Timeline
PublishedMar 5

Description

An attacker with low privileges can manipulate the requested memory size, causing the application to use an invalid memory area. This could lead to a crash of the application but it does not affected other applications.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:LExploitability: 2.8 | Impact: 2.5

Affected Packages12 packages

CVEListV5wago/cc100_0751-9x01< 04.07.01
CVEListV5wago/tp600_0762-420x/8000-000x< 04.07.01
CVEListV5wago/tp600_0762-430x/8000-000x< 04.07.01
CVEListV5wago/tp600_0762-520x/8000-000x< 04.07.01
CVEListV5wago/tp600_0762-530x/8000-000x< 04.07.01

🔴Vulnerability Details

2
CVEList
Wago: Vulnerability in libwagosnmp2025-03-05
GHSA
GHSA-6vwc-64mx-78v2: An attacker with low privileges can manipulate the requested memory size, causing the application to use an invalid memory area2025-03-05
CVE-2024-12650 (MEDIUM CVSS 5.4) | An attacker with low privileges can | cvebase.io