Memory Manipulation Vulnerability in Affected Product by Vendor
CVE-2024-12650

5.4MEDIUM

Key Information:

Vendor
Wago
Status
Cc100 0751-9x01
Edge Controller 0752-8303/8000-0002
Pfc100 G1 0750-810x/xxxx-xxxx
Pfc100 G2 0750-811x-xxxx-xxxx
Vendor
CVE Published:
5 March 2025

Summary

An attacker with limited access can exploit this vulnerability by modifying the requested memory size, leading the application to operate in an invalid memory space. This may result in application crashes; however, it does not affect the stability of other applications. As a precaution, it is recommended to apply necessary updates to mitigate potential exploitation.

Affected Version(s)

CC100 0751-9x01 0 < 04.07.01

CC100 0751-9x01 0 < 04.07.01

Edge Controller 0752-8303/8000-0002 0 < 04.07.01

References

https://cert.vde.com/en/advisories/VDE-2025-004

CVSS V3.1

Score:
5.4
Severity:
MEDIUM
Confidentiality:
None
Integrity:
Low
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Gabriele Quagliarella from Nozomi Networks
.
CVE-2024-12650 : Memory Manipulation Vulnerability in Affected Product by Vendor | SecurityVulnerability.io