Heap-Based Buffer Overflow Vulnerability in FOXMAN-UN/UNEM Could Lead to Denial of Service or Arbitrary Code Execution
CVE-2024-2011

9.8CRITICAL

Key Information:

Vendor
Hitachi
Status
Foxman-un
Unem
Vendor
CVE Published:
11 June 2024

Summary

A serious heap-based buffer overflow vulnerability exists in the FOXMAN-UN and UNEM products from Hitachi Energy. This flaw, if exploited, could lead to denial of service for applications utilizing these products. Additionally, attackers could potentially execute arbitrary code, which poses a significant risk as it may operate outside the program's security policies. Special precautions are recommended to mitigate potential exploitation of this vulnerability.

Affected Version(s)

FOXMAN-UN FOXMAN-UN R16B PC2

FOXMAN-UN FOXMAN-UN R15B PC4

FOXMAN-UN FOXMAN-UN R16A

References

https://publisher.hitachienergy.com/preview?DocumentId=8D...
https://publisher.hitachienergy.com/preview?DocumentId=8D...

CVSS V3.1

Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Collectors

NVD DatabaseMitre Database
.