CVE-2024-23601

None

Description

A code injection vulnerability exists in the scan_lib.bin functionality of AutomationDirect P3-550E 1.2.10.9. A specially crafted scan_lib.bin can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.

INFO

Published Date :

2024-05-28T15:30:13.904Z

Last Modified :

2025-02-13T17:39:48.000Z

Source :

talos

AFFECTED PRODUCTS

The following products are affected by CVE-2024-23601 vulnerability.

Vendors	Products
Automationdirect	P1-540 P1-540 Firmware P1-550 P1-550 Firmware P2-550 P2-550 Firmware P3-530 P3-530 Firmware P3-550 P3-550 Firmware P3-550e P3-550e Firmware

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-23601.

URL	Resource
https://community.automationdirect.com/s/internal-database-security-advisory/a4GPE0000003ycL2AQ/sa00039
https://talosintelligence.com/vulnerability_reports/TALOS-2024-1943
https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1943

CVSS Vulnerability Scoring System

V3.1

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact