← Back to CVE List

CVE-2024-24947

Published: 2024-05-28T16:15Z
Last Modified: 2025-02-12T18:30Z
Source: MITRE CVE List
License: MITRE-CVE-TOS
A heap-based buffer overflow vulnerability exists in the Programming Software Connection CurrDir functionality of AutomationDirect P3-550E 1.2.10.9. A specially crafted network packet can lead to denial of service. An attacker can send an unauthenticated packet to trigger these vulnerability.This CVE tracks the heap corruption that occurs at offset `0xb68c4` of version 1.2.10.9 of the P3-550E firmware, which occurs when a call to `memset` relies on an attacker-controlled length value and corrupts any trailing heap allocations. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt