CVE-2024-23601
Published 2024-05-28
Priority: P3 52 · Severity: critical · CVSS 3.1: 9.8
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 0.72% (49.3th percentile)
A code injection vulnerability exists in the scan_lib.bin functionality of AutomationDirect P3-550E 1.2.10.9. A specially crafted scan_lib.bin can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.
Affected
13 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| automationdirect | p1-540_firmware | — | — |
| automationdirect | p1-540_firmware | — | — |
| automationdirect | p1-550_firmware | — | — |
| automationdirect | p1-550_firmware | — | — |
| automationdirect | p2-550_firmware | — | — |
| automationdirect | p2-550_firmware | — | — |
| automationdirect | p3-530_firmware | — | — |
| automationdirect | p3-530_firmware | — | — |
| automationdirect | p3-550_firmware | — | — |
| automationdirect | p3-550_firmware | — | — |
| automationdirect | p3-550e | — | — |
| automationdirect | p3-550e_firmware | — | — |
| automationdirect | p3-550e_firmware | — | — |
No detection rules found.
No public exploits indexed.
Talos
Attackers are impersonating a road toll payment processor across the U.S. in phishing attacks
blogs_talos·2024-05-30
My wife (no stranger to weird types of scams) recently received a fake text message from someone claiming to be New Jersey’s E-ZPass program saying that she had an outstanding balance from highway tolls that she owed, prompting her to visit a site so she could pay and avoid additional fines.
There was plenty of reason to believe this was a legitimate ask. Her family is from New Jersey, so we make frequent trips there, paying $20-plus in tolls along the way. We had also just completed a trip from there a few weeks prior (though I’m not sure if this was a coincidence to the timing of the spam text or not), and we both have E-ZPass accounts.
For the uninitiated, or anyone who lives in a country where taxes are paid as normal and therefore pay for appropriate road repairs, E-ZPass is a small
Talos
Out-of-bounds reads in Adobe Acrobat; Foxit PDF Reader contains vulnerability that could lead to SYSTEM-level privileges
blogs_talos·2024-05-29·CVSS 5.5
[MEDIUM] Out-of-bounds reads in Adobe Acrobat; Foxit PDF Reader contains vulnerability that could lead to SYSTEM-level privileges
Cisco Talos’ Vulnerability Research team has helped to disclose and patch more than 20 vulnerabilities over the past three weeks, including two in the popular Adobe Acrobat Reader software.
Acrobat, one of the most popular PDF readers currently available, contains two out-of-bounds read vulnerabilities that could lead to the exposure of sensitive contents of arbitrary memory in the application.
There are also eight vulnerabilities in a popular line of PLC CPU modules commonly used in automated environments.
All the vulnerabilities mentioned in this blog post have been patched by their respective vendors, all in adherence to Cisco’s third-party vulnerability disclosure policy.
For Snort coverage that can detect the exploitation of these vulnerabilities, download the latest rule sets fro
References
https://community.automationdirect.com/s/internal-database-security-advisory/a4GPE0000003ycL2AQ/sa00039
https://talosintelligence.com/vulnerability_reports/TALOS-2024-1943
https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1943
2024-05-28
Published