# CVE-2024-2466: TLS certificate check bypass with mbedTLS
Published: 2024-03-27
Priority: P3 · 35 · medium · CVSS 3.1: 6.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)
EPSS: 1.30% (66.7th percentile)
libcurl did not check the server certificate of TLS connections done to a host specified as an IP address, when built to use mbedTLS. libcurl would wrongly avoid using the set hostname function when the specified hostname was given as an IP address, therefore completely skipping the certificate check. This affects all uses of TLS protocols (HTTPS, FTPS, IMAPS, POP3S, SMTPS, etc).
## Affected (22 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | macos | < 12.7.6 | 12.7.6 |
| apple | macos | >= 13.0 < 13.6.8 | 13.6.8 |
| apple | macos | >= 14.0 < 14.6 | 14.6 |
| apple | macos_monterey | — | — |
| apple | macos_sonoma | — | — |
| apple | macos_ventura | — | — |
| curl | curl | 8.5.0 – 8.5.0 | — |
| curl | curl | 8.6.0 – 8.6.0 | — |
| debian | curl | < curl 8.7.1-1 (forky) | curl 8.7.1-1 (forky) |
| haxx | curl | >= 0 < 8.7.1-1 | 8.7.1-1 |
| haxx | curl | >= 0 < 8.7.1-1 | 8.7.1-1 |
| haxx | curl | >= 8.5.0 < 8.7.0 | 8.7.0 |
| msrc | azl3_cmake_3.29.6-1_on_azure_linux_3.0 | — | — |
| msrc | azl3_cmake_3.30.3-2_on_azure_linux_3.0 | — | — |
| msrc | azl3_curl_8.5.0-1_on_azure_linux_3.0 | — | — |
| msrc | azl3_curl_8.8.0-1_on_azure_linux_3.0 | — | — |
| msrc | azure_linux_3.0_arm | — | — |
| msrc | azure_linux_3.0_x64 | — | — |
| msrc | cbl2_curl_8.5.0-2_on_cbl_mariner_2.0 | — | — |
| msrc | cbl2_curl_8.8.0-1_on_cbl_mariner_2.0 | — | — |
| msrc | cbl_mariner_2.0_arm | — | — |
| msrc | cbl_mariner_2.0_x64 | — | — |
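As an added defender-side inventory check (not from the page or the curl project), the POSIX shell function below classifies a `curl --version` banner against the affected range in the table: libcurl 8.5.0 up to but not including 8.7.0, built with the mbedTLS backend. The banner format (`curl X.Y.Z (triplet) libcurl/X.Y.Z backend/version ...`) is curl's real one; the sample banners in the comments are constructed.

```shell
#!/bin/sh
# Classify a `curl --version` banner for CVE-2024-2466.
# Affected per the advisory: libcurl >= 8.5.0 and < 8.7.0 when the build
# lists the mbedTLS backend. Any other backend, or any other version, is
# not affected by this particular bug.
#
# Constructed sample banner (same layout as real curl output):
#   curl 8.6.0 (x86_64-pc-linux-gnu) libcurl/8.6.0 mbedTLS/3.5.2 zlib/1.3

# vernum X.Y.Z -> sortable integer (8.6.0 -> 8006000). Suffixes such as
# "-DEV" are dropped by awk's numeric conversion of the patch field.
vernum() {
  printf '%s\n' "$1" | awk -F. '{ printf "%d", $1*1000000 + $2*1000 + $3 }'
}

# cve_2024_2466_status BANNER
#   prints "affected", "not-affected" or "unknown" (banner not parseable)
cve_2024_2466_status() {
  banner="$1"
  # The libcurl/X.Y.Z token is the library version actually linked,
  # which is what matters; the leading "curl X.Y.Z" is the tool.
  libver=$(printf '%s\n' "$banner" | tr ' ' '\n' | sed -n 's#^libcurl/##p' | head -n 1)
  case "$libver" in
    [0-9]*.[0-9]*.[0-9]*) ;;
    *) echo unknown; return 0 ;;
  esac
  # Only builds that report the mbedTLS backend are in scope.
  case "$banner" in
    *mbedTLS/*) ;;
    *) echo not-affected; return 0 ;;
  esac
  v=$(vernum "$libver")
  if [ "$v" -ge "$(vernum 8.5.0)" ] && [ "$v" -lt "$(vernum 8.7.0)" ]; then
    echo affected
  else
    echo not-affected
  fi
}

# Stand-alone use: classify the locally installed curl.
if [ -n "${CHECK_LOCAL_CURL:-}" ]; then
  cve_2024_2466_status "$(curl --version 2>/dev/null | head -n 1)"
fi
```

Distribution packages may carry the fix under an older version number, so treat an "affected" result as a prompt to check the package changelog rather than a final verdict.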
## CVSS provenance
| Source | Score | Severity | Vector |
|---|---|---|---|
| nvd (v3.1) | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N |
| osv | 6.5 | MEDIUM | — |
| vendor_debian | 6.5 | LOW | — |
| vendor_msrc | 6.5 | MEDIUM | — |
| vendor_redhat | 6.5 | MEDIUM | — |
CISA ICS
Siemens SINEC NMS
cisa_ics · 2024-11-14
ICS Advisory: Siemens SINEC NMS
Release Date: November 14, 2024
Alert Code: ICSA-24-319-04
Related topics: Industrial Control System Vulnerabilities, Industrial Control Systems
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).
## 1. EXECUTIVE SUMMARY
- CVSS v4 8.3
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Siemens
- Equipment: SINEC NMS
- Vulnerabilities: Improper Input Validation, Improper Check for Unusual or Exceptional Conditions, Out-of-bounds Write, Uncontro
CISA ICS
Siemens SINEMA
cisa_ics · 2024-09-12 · CVSS 9.8 [CRITICAL]
ICS Advisory: Siemens SINEMA
Release Date: September 12, 2024
Alert Code: ICSA-24-256-10
## 1. EXECUTIVE SUMMARY
- CVSS v4 5.3
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Siemens
- Equipment: SINEMA
- Vulnerabilities: Use After Free, Improper Input Validation, Improper Certificate Validation, Missing Release of Resource after Effective Lifetime, Improper Validation of Certificate with Host Mismatch, Insufficient Sessi
Apple
CVE-2024-2466: macOS Sonoma 14.6
vendor_apple · 2024-07-29 · CVSS 6.5 [MEDIUM]
Apple Security Update: About the security content of macOS Sonoma 14.6
Product: macOS Sonoma
Version: 14.6
CVE: CVE-2024-2466
Component: CVE-2024-2466
Apple
CVE-2024-2466: macOS Ventura 13.6.8
vendor_apple · 2024-07-29 · CVSS 6.5 [MEDIUM]
Apple Security Update: About the security content of macOS Ventura 13.6.8
Product: macOS Ventura
Version: 13.6.8
CVE: CVE-2024-2466
Component: CVE-2024-2466
Apple
CVE-2024-2466: macOS Monterey 12.7.6
vendor_apple · 2024-07-29 · CVSS 6.5 [MEDIUM]
Apple Security Update: About the security content of macOS Monterey 12.7.6
Product: macOS Monterey
Version: 12.7.6
CVE: CVE-2024-2466
Component: CVE-2024-2466
Red Hat
curl: TLS certificate check bypass with mbedTLS
vendor_redhat · 2024-03-27 · CVSS 6.5 [MEDIUM] · CWE-297
A flaw was found in curl. When curl is built to use mbedTLS as the TLS backend, it does not check the server certificate of TLS connections done to a host specified as an IP address.
Statement: The curl package as shipped by Red Hat Enterprise Linux and RHSCL is not affected by this vulnerability because it does not have support for mbedTLS.
Package: curl (Red Ha
Microsoft
TLS certificate check bypass with mbedTLS
vendor_msrc · 2024-03-12 · CVSS 6.5 [MEDIUM] · CWE-297
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See this blog post for more information. If impact to additional products is identified, we will update the CVE to reflect this.
Mariner: Mariner
curl: curl
Customer Action Required: Yes
Remediation: CBL-Mariner Releases
Reference: https://learn.microsoft.com/e
Debian
CVE-2024-2466: curl - libcurl did not check the server certificate of TLS connections done to a host s...
vendor_debian · 2024 · CVSS 6.5 [MEDIUM]
Scope: local
bookworm: resolved
bullseye: resolved
forky: resolved (fixed in 8.7.1-1)
sid: resolved (fixed in 8.7.1-1)
trixie: resolved (fixed in 8.7.1-1)
GHSA
GHSA-9xr6-qf7m-2jv5: libcurl did not check the server certificate of TLS connections done to a host specified as an IP address, when built to use mbedTLS
ghsa_unreviewed · 2024-03-27 · [MEDIUM] · CWE-297
OSV
CVE-2024-2466: libcurl did not check the server certificate of TLS connections done to a host specified as an IP address, when built to use mbedTLS
osv · 2024-03-27 · CVSS 6.5 [MEDIUM]
No detection rules found.
No public exploits indexed.
HackerOne
CVE-2024-2466: TLS certificate check bypass with mbedTLS (reward request)
hackerone · 2024-03-29 · CVSS 5.3 [MEDIUM]
For reward request.
Please refer to this report issue from curl:
https://hackerone.com/reports/2416725
And already published at here:
https://curl.se/docs/CVE-2024-2466.html
## Impact
Reference from above.
CVE-2024-2466
TLS certificate check bypass with mbedTLS
VULNERABILITY
libcurl did not check the server certificate of TLS connections done to a host specified as an IP address, when built to use mbedTLS.
libcurl would wrongly avoid using the set hostname function when the specified hostname was given as an IP address, therefore completely skipping the certificate check. This affects all uses of TLS protocols (HTTPS, FTPS, IMAPS, POP3S, SMTPS, etc).
INFO
Since the SNI field is not set when using a hostname
HackerOne
CVE-2024-2466: TLS certificate check bypass with mbedTLS
hackerone · 2024-03-27 · CVSS 6.5 [MEDIUM]
## Summary:
The curl library has a security vulnerability where the certificate name check is bypassed when connecting to a host via its IP address. This could potentially introduce spoofing attacks or unauthorized access due to an unverified server certificate.
This issue only affects curl built with mbedTLS.
- Affected versions: from libcurl 8.5.0 to and including 8.6.0 (current master versions at the time of writing)
- Not affected versions: libcurl 8.4.0 and earlier
This issue affects all kinds of protocols over TLS sessions, e.g. HTTPS, FTPS, SMTPS, etc.
## Steps To Reproduce:
### (Preparation) Download and build the Curl with MbedTLS:
*Skip this step if you already have the Curl (>= 8.5.0) with MbedTLS.*
Before building the code,
Bugzilla
CVE-2024-2466 curl: TLS certificate check bypass with mbedTLS
bugzilla · 2024-03-20 · CVSS 5.3 [MEDIUM]
Since the SNI field is not set when using a hostname set as an IP address, many requests will fail to communicate with the correct endpoint or get the correct data. This somewhat lessens the possible impact.
Not all versions of mbedTLS support server certificate checks for IP addresses, so when this issue is fixed all attempts to connect directly to a
References
- http://seclists.org/fulldisclosure/2024/Jul/18
- http://seclists.org/fulldisclosure/2024/Jul/19
- http://seclists.org/fulldisclosure/2024/Jul/20
- http://www.openwall.com/lists/oss-security/2024/03/27/4
- https://curl.se/docs/CVE-2024-2466.html
- https://curl.se/docs/CVE-2024-2466.json
- https://hackerone.com/reports/2416725
- https://security.netapp.com/advisory/ntap-20240503-0010/
- https://support.apple.com/kb/HT214118
- https://support.apple.com/kb/HT214119
- https://support.apple.com/kb/HT214120
- https://www.vicarius.io/vsociety/posts/tls-certificate-check-bypass-curl-with-mbedtls-cve-2024-2466-2468