Unrated severityNVD Advisory· Published May 28, 2024· Updated Feb 13, 2025

CVE-2024-24954

Description

Several out-of-bounds write vulnerabilities exist in the Programming Software Connection FileSystem API functionality of AutomationDirect P3-550E 1.2.10.9. Specially crafted network packets can lead to heap-based memory corruption. An attacker can send malicious packets to trigger these vulnerabilities.This CVE tracks the arbitrary null-byte write vulnerability located in firmware 1.2.10.9 of the P3-550E at offset 0xb69c8.

Affected products

Automationdirect/P3-550Ellm-fuzzy
Range: = 1.2.10.9
AutomationDirect/P3-550Ev5
Range: 1.2.10.9

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

talosintelligence.com/vulnerability_reports/TALOS-2024-1938mitre
www.talosintelligence.com/vulnerability_reports/TALOS-2024-1938mitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000