CVE-2024-24781 - Vulnerability Details

An unauthenticated remote attacker can use an uncontrolled resource consumption vulnerability to DoS the affected devices through excessive traffic on a single ethernet port.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable yes

Technical Impact partial

Vendors	Products
Hima	F-com 01 F-com 01 Firmware F-cpu 01 F-cpu 01 Firmware F30 03x \(cpu\) Yy F30 03x Yy \(com\) F30 03x Yy \(com\) Firmware F30 03x Yy \(cpu\) Firmware F35 03x Yy \(com\) F35 03x Yy \(com\) Firmware F35 03x Yy \(cpu\) F35 03x Yy \(cpu\) Firmware F60 Cpu 03x Yy \(com\) F60 Cpu 03x Yy \(com\) Firmware F60 Cpu 03x Yy \(cpu\) F60 Cpu 03x Yy \(cpu\) Firmware X-com 01 E Yy X-com 01 E Yy Firmware X-com 01 Yy X-com 01 Yy Firmware X-cpu 01 X-cpu 01 Firmware X-cpu 31 X-cpu 31 Firmware X-sb 01 X-sb 01 Firmware

Configuration 1 [-]

AND

cpe:2.3:o:hima:f30_03x_yy_\(com\)_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hima:f30_03x_yy_\(com\):-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:hima:f30_03x_yy_\(cpu\)_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hima:f30_03x_\(cpu\)_yy:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:hima:f35_03x_yy_\(com\)_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hima:f35_03x_yy_\(com\)_:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:hima:f35_03x_yy_\(cpu\)_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hima:f35_03x_yy_\(cpu\):-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:hima:f60_cpu_03x_yy_\(com\)_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hima:f60_cpu_03x_yy_\(com\):-:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:o:hima:f60_cpu_03x_yy_\(cpu\)_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hima:f60_cpu_03x_yy_\(cpu\):-:*:*:*:*:*:*:*

Configuration 7 [-]

AND

cpe:2.3:o:hima:f-com_01_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hima:f-com_01:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND

cpe:2.3:o:hima:f-cpu_01_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hima:f-cpu_01:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND

cpe:2.3:o:hima:x-com_01_e_yy_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hima:x-com_01_e_yy:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND

cpe:2.3:o:hima:x-com_01_yy_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hima:x-com_01_yy:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND

cpe:2.3:o:hima:x-cpu_01_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hima:x-cpu_01:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND

cpe:2.3:o:hima:x-cpu_31_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hima:x-cpu_31:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND

cpe:2.3:o:hima:x-sb_01_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hima:x-sb_01:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://cert.vde.com/en/advisories/VDE-2024-013

History

Thu, 07 Nov 2024 19:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Fri, 18 Oct 2024 19:30:00 +0000

Type	Values Removed	Values Added
First Time appeared		Hima Hima f-com 01 Hima f-com 01 Firmware Hima f-cpu 01 Hima f-cpu 01 Firmware Hima f30 03x \(cpu\) Yy Hima f30 03x Yy \(com\) Hima f30 03x Yy \(com\) Firmware Hima f30 03x Yy \(cpu\) Firmware Hima f35 03x Yy \(com\) Hima f35 03x Yy \(com\) Firmware Hima f35 03x Yy \(cpu\) Hima f35 03x Yy \(cpu\) Firmware Hima f60 Cpu 03x Yy \(com\) Hima f60 Cpu 03x Yy \(com\) Firmware Hima f60 Cpu 03x Yy \(cpu\) Hima f60 Cpu 03x Yy \(cpu\) Firmware Hima x-com 01 E Yy Hima x-com 01 E Yy Firmware Hima x-com 01 Yy Hima x-com 01 Yy Firmware Hima x-cpu 01 Hima x-cpu 01 Firmware Hima x-cpu 31 Hima x-cpu 31 Firmware Hima x-sb 01 Hima x-sb 01 Firmware
Weaknesses		NVD-CWE-noinfo
CPEs		cpe:2.3:h:hima:f-com_01:-:::::::* cpe:2.3:h:hima:f-cpu_01:-:::::::* cpe:2.3:h:hima:f30_03x_\(cpu\)_yy:-:::::::* cpe:2.3:h:hima:f30_03x_yy_\(com\):-:::::::* cpe:2.3:h:hima:f35_03x_yy_\(com\)_:-:::::::* cpe:2.3:h:hima:f35_03x_yy_\(cpu\):-:::::::* cpe:2.3:h:hima:f60_cpu_03x_yy_\(com\):-:::::::* cpe:2.3:h:hima:f60_cpu_03x_yy_\(cpu\):-:::::::* cpe:2.3:h:hima:x-com_01_e_yy:-:::::::* cpe:2.3:h:hima:x-com_01_yy:-:::::::* cpe:2.3:h:hima:x-cpu_01:-:::::::* cpe:2.3:h:hima:x-cpu_31:-:::::::* cpe:2.3:h:hima:x-sb_01:-:::::::* cpe:2.3:o:hima:f-com_01_firmware:::::::: cpe:2.3:o:hima:f-cpu_01_firmware:::::::: cpe:2.3:o:hima:f30_03x_yy_\(com\)_firmware:::::::: cpe:2.3:o:hima:f30_03x_yy_\(cpu\)_firmware:::::::: cpe:2.3:o:hima:f35_03x_yy_\(com\)_firmware:::::::: cpe:2.3:o:hima:f35_03x_yy_\(cpu\)_firmware:::::::: cpe:2.3:o:hima:f60_cpu_03x_yy_\(com\)_firmware:::::::: cpe:2.3:o:hima:f60_cpu_03x_yy_\(cpu\)_firmware:::::::: cpe:2.3:o:hima:x-com_01_e_yy_firmware:::::::: cpe:2.3:o:hima:x-com_01_yy_firmware:::::::: cpe:2.3:o:hima:x-cpu_01_firmware:::::::: cpe:2.3:o:hima:x-cpu_31_firmware:::::::: cpe:2.3:o:hima:x-sb_01_firmware::::::::
Vendors & Products		Hima Hima f-com 01 Hima f-com 01 Firmware Hima f-cpu 01 Hima f-cpu 01 Firmware Hima f30 03x \(cpu\) Yy Hima f30 03x Yy \(com\) Hima f30 03x Yy \(com\) Firmware Hima f30 03x Yy \(cpu\) Firmware Hima f35 03x Yy \(com\) Hima f35 03x Yy \(com\) Firmware Hima f35 03x Yy \(cpu\) Hima f35 03x Yy \(cpu\) Firmware Hima f60 Cpu 03x Yy \(com\) Hima f60 Cpu 03x Yy \(com\) Firmware Hima f60 Cpu 03x Yy \(cpu\) Hima f60 Cpu 03x Yy \(cpu\) Firmware Hima x-com 01 E Yy Hima x-com 01 E Yy Firmware Hima x-com 01 Yy Hima x-com 01 Yy Firmware Hima x-cpu 01 Hima x-cpu 01 Firmware Hima x-cpu 31 Hima x-cpu 31 Firmware Hima x-sb 01 Hima x-sb 01 Firmware

MITRE

Status: PUBLISHED

Assigner: CERTVDE

Published: 2024-02-13T13:46:31.571Z

Updated: 2024-11-07T19:05:15.767Z

Reserved: 2024-01-30T14:47:38.517Z

Link: CVE-2024-24781

Vulnrichment

Updated: 2024-08-01T23:28:12.049Z

NVD

Status : Modified

Published: 2024-02-13T14:15:46.780

Modified: 2024-11-21T08:59:41.280

Link: CVE-2024-24781

Redhat

No data.

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Exploitation none

Automatable yes

Technical Impact partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object