Buffer Overflow Vulnerability Affects OnCell G3470A-LTE Series Firmware
CVE-2024-4640

8.2HIGH

Key Information:

Vendor: Moxa
Status: Oncell G3150a-lte Series
Vendor: CVE Published:; 25 June 2024

What is CVE-2024-4640?

The OnCell G3470A-LTE Series firmware, specifically versions v1.7.7 and prior, has been found to have a vulnerability due to inadequate bounds checking on buffer operations. This oversight allows an attacker to potentially write beyond the limits of allocated buffer regions in memory, which could lead to unexpected program behavior and instability, such as crashes. Organizations utilizing this firmware should be aware of the implications of this vulnerability and take appropriate measures to protect their systems.

Affected Version(s)

OnCell G3150A-LTE Series 1.0 <= 1.7.7

References

https://www.moxa.com/en/support/product-support/security-...

vendor-advisory

CVSS V3.1

Score:

8.2

Severity:

HIGH

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 25, 2024
Vulnerability Reserved
May 8, 2024

Credit

Nikita Abramov from Positive Technologies

Moxa

What is CVE-2024-4640?

Affected Version(s)

References

CVSS V3.1

Timeline

Credit