Vulnerability CVE-2024-31484
Published: 2024-05-14

Description:
A vulnerability has been identified in CPC80 Central Processing/Communication (All versions < V16.41), CPCI85 Central Processing/Communication (All versions < V5.30). The affected device firmwares contain an improper null termination vulnerability while parsing a specific HTTP header. This could allow an attacker to execute code in the context of the current process or lead to denial of service condition.

See advisories in our WLB2 database:
Topic
Author
Date
High
Siemens Unlocked JTAG Interface / Buffer Overflow
Stefan Viehboeck
05.12.2024

Type:

CWE-119

 (Improper Restriction of Operations within the Bounds of a Memory Buffer)

 References:
https://cert-portal.siemens.com/productcert/html/ssa-871704.html
Copyright 2024, cxsecurity.com

 

Back to Top