CVE-2024-24781

moderate-risk
Published 2024-02-13

An unauthenticated remote attacker can use an uncontrolled resource consumption vulnerability to DoS the affected devices through excessive traffic on a single ethernet port. 

Do I need to act?

-
0.48% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
7
CVSS 7.5/10 High
NETWORK / LOW complexity

Affected Products (13)

F30 03X Yy \(Com\) Firmware
F30 03X Yy \(Cpu\) Firmware
F35 03X Yy \(Com\) Firmware
F35 03X Yy \(Cpu\) Firmware
F60 Cpu 03X Yy \(Com\) Firmware
F60 Cpu 03X Yy \(Cpu\) Firmware
F-Com 01 Firmware
F-Cpu 01 Firmware
X-Com 01 E Yy Firmware
X-Com 01 Yy Firmware
X-Cpu 01 Firmware
X-Cpu 31 Firmware
X-Sb 01 Firmware

Affected Vendors

Hima

References (2)

Mitigation https://cert.vde.com/en/advisories/VDE-2024-013
Mitigation https://cert.vde.com/en/advisories/VDE-2024-013
45
/ 100
moderate-risk
Severity 26/34 · High
Exploitability 2/34 · Minimal
Exposure 17/34 · Moderate