cbcvebase.
CVE-2024-23814
published 2025-02-11

CVE-2024-23814: The integrated ICMP service of the network stack of affected devices can be forced to exhaust its available memory resources when receiving specially crafted…

medium6.9CVSS 4.0
AVNACLATNPRNUINVCNVINVALSCNSINSANEXCRXIRXARXMAVXMACXMATXMPRXMUIXMVCXMVIXMVAXMSCXMSIXMSAXSXAUXRXVXREXUX
The integrated ICMP service of the network stack of affected devices can be forced to exhaust its available memory resources when receiving specially crafted messages targeting IP fragment re-assembly. This could allow an unauthenticated remote attacker to cause a temporary denial of service condition of the ICMP service, other communication services are not affected. Affected devices will resume normal operation after the attack terminates.

Affected

136 ranges· showing 25
VendorProductVersion rangeFixed in
siemenssidoor_atd430w< **
siemenssidoor_ate530g_coated< **
siemenssidoor_ate530s_coated< **
siemenssimatic_cfu_diq< V2.0.0V2.0.0
siemenssimatic_cfu_pa< V2.0.0V2.0.0
siemenssimatic_cfu_pa< V2.0V2.0
siemenssimatic_et_200al_im_157-1_pn< **
siemenssimatic_et_200m_im_153-4_pn_io_hf< **
siemenssimatic_et_200m_im_153-4_pn_io_st< **
siemenssimatic_et_200mp_im_155-5_pn_ba< **
siemenssimatic_et_200mp_im_155-5_pn_hf< **
siemenssimatic_et_200mp_im_155-5_pn_st< **
siemenssimatic_et_200pro_im_154-3_pn_hf< **
siemenssimatic_et_200pro_im_154-4_pn_hf< **
siemenssimatic_et_200pro_im_154-8_pn_dp_cpu< **
siemenssimatic_et_200pro_im_154-8f_pn_dp_cpu< **
siemenssimatic_et_200pro_im_154-8fx_pn_dp_cpu< **
siemenssimatic_et_200s_im_151-3_pn_fo< **
siemenssimatic_et_200s_im_151-3_pn_hf< **
siemenssimatic_et_200s_im_151-3_pn_hs< **
siemenssimatic_et_200s_im_151-3_pn_st< **
siemenssimatic_et_200s_im_151-8_pn_dp_cpu< **
siemenssimatic_et_200s_im_151-8f_pn_dp_cpu< **
siemenssimatic_et_200sp_cpu_1510sp-1_pn< **
siemenssimatic_et_200sp_cpu_1510sp_f-1_pn< **