CVE-2024-22104

moderate-risk

Published 2024-07-02

Out-of-Bounds Write vulnerability in Jungo WinDriver before 12.5.1 allows local attackers to cause a Windows blue screen error and Denial of Service (DoS).

Do I need to act?

0.12% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 5.5/10 Medium

LOCAL / LOW complexity

Affected Products (20)

Windriver

Cpu Module Logging Configuration Tool

Cw Configurator

Data Transfer

Data Transfer Classic

Ezsocket

Fr Configurator Sw3

Fr Configurator2

Genesis64

Gt Got1000

Gt Got2000

Gt Softgot1000

Gt Softgot2000

Gx Developer

Gx Logviewer

Gx Works2

Gx Works3

Iq Works

Mi Configurator

Mr Configurator

Affected Vendors

Mitsubishielectric Jungo

References (6)

Release Notes https://jungo.com/windriver/versions/

Third Party Advisory https://www.cisa.gov/news-events/ics-advisories/icsa-24-135-04

Third Party Advisory https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2024-001_en.pdf

Release Notes https://jungo.com/windriver/versions/

Third Party Advisory https://www.cisa.gov/news-events/ics-advisories/icsa-24-135-04

Third Party Advisory https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2024-001_en.pdf

/ 100

moderate-risk

Severity 18/34 · Moderate

Exploitability 1/34 · Minimal

Exposure 23/34 · High