CWE-1284
Improper Validation of Specified Quantity in Input
The product receives input that is expected to specify a quantity (such as size or length), but it does not validate or incorrectly validates that the quantity has the required properties.
CVE-2024-3036 (GCVE-0-2024-3036)
Vulnerability from cvelistv5
Published
2024-06-21 10:26
Modified
2025-09-11 14:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-1284 - Improper Validation of Specified Quantity in Input
Summary
Improper Input Validation vulnerability in ABB 800xA Base.
An attacker who successfully exploited this
vulnerability could cause services to crash by sending specifically crafted messages.
This issue affects 800xA Base: from 6.0.0 through 6.1.1-2.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| ABB | 800xA Base |
Version: 6.0.0 < |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-3036",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-22T16:40:26.281359Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-11T14:14:49.114Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T19:32:42.587Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=7PAA013309\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "800xA Base",
"vendor": "ABB",
"versions": [
{
"lessThanOrEqual": "6.1.1-2",
"status": "affected",
"version": "6.0.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "ABB acknowledges and extends gratitude to Uri Sade, Roman Dvorkin, Roni Gavrilov, and Eran Jacob of the OTORIO org for responsibly disclosing the vulnerability and providing valuable input on product improvements."
}
],
"datePublic": "2024-06-21T05:02:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Input Validation vulnerability in ABB 800xA Base.\u003cbr\u003eAn attacker who successfully exploited this \nvulnerability could cause services to crash by sending specifically crafted messages.\u003cbr\u003e\u003cspan style=\"background-color: var(--wht);\"\u003eThis issue affects 800xA Base: from 6.0.0 through 6.1.1-2.\u003c/span\u003e"
}
],
"value": "Improper Input Validation vulnerability in ABB 800xA Base.\nAn attacker who successfully exploited this \nvulnerability could cause services to crash by sending specifically crafted messages.\nThis issue affects 800xA Base: from 6.0.0 through 6.1.1-2."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "YES",
"Recovery": "AUTOMATIC",
"Safety": "NEGLIGIBLE",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "DIFFUSE",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/S:N/AU:Y/R:A/V:D/RE:M",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "MODERATE"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1284",
"description": "CWE-1284: Improper Validation of Specified Quantity in Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-08T09:33:00.218Z",
"orgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
"shortName": "ABB"
},
"references": [
{
"url": "https://search.abb.com/library/Download.aspx?DocumentID=7PAA013309\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Communication DoS vulnerability",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The system can be protected from network-based exploits of this vulnerability by enabling IPSec according to existing user documentation.\u003cbr\u003e\u003cbr\u003e"
}
],
"value": "The system can be protected from network-based exploits of this vulnerability by enabling IPSec according to existing user documentation."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
"assignerShortName": "ABB",
"cveId": "CVE-2024-3036",
"datePublished": "2024-06-21T10:26:30.550Z",
"dateReserved": "2024-03-28T04:24:31.670Z",
"dateUpdated": "2025-09-11T14:14:49.114Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-36346 (GCVE-0-2024-36346)
Vulnerability from cvelistv5
Published
2025-09-06 17:43
Modified
2025-09-08 14:49
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-1284 - Improper Validation of Specified Quantity in Input
Summary
Improper input validation in AMD Power Management Firmware (PMFW) could allow a privileged attacker from Guest VM to send arbitrary input data potentially causing a GPU Reset condition.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | AMD | AMD Instinct™ MI300A | |||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-36346",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-08T14:49:14.451826Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-08T14:49:20.329Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "AMD Instinct\u2122 MI300A",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "BKC 21"
}
]
},
{
"defaultStatus": "affected",
"product": "AMD Instinct\u2122 MI300X",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "BKC 24.13"
}
]
}
],
"datePublic": "2025-09-06T17:22:38.767Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper input validation in AMD Power Management Firmware (PMFW) could allow a privileged attacker from Guest VM to send arbitrary input data potentially causing a GPU Reset condition.\r\n\u003cbr\u003e"
}
],
"value": "Improper input validation in AMD Power Management Firmware (PMFW) could allow a privileged attacker from Guest VM to send arbitrary input data potentially causing a GPU Reset condition."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1284",
"description": "CWE-1284 Improper Validation of Specified Quantity in Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-06T17:43:14.113Z",
"orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"shortName": "AMD"
},
"references": [
{
"url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-6018.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "AMD PSIRT Automation 1.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"assignerShortName": "AMD",
"cveId": "CVE-2024-36346",
"datePublished": "2025-09-06T17:43:14.113Z",
"dateReserved": "2024-05-23T19:44:47.201Z",
"dateUpdated": "2025-09-08T14:49:20.329Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-5931 (GCVE-0-2024-5931)
Vulnerability from cvelistv5
Published
2024-09-13 19:41
Modified
2025-09-17 05:08
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
BT: Unchecked user input in bap_broadcast_assistant
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| zephyrproject-rtos | Zephyr |
Version: * |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:zephyrproject-rtos:zephyr:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "zephyr",
"vendor": "zephyrproject-rtos",
"versions": [
{
"lessThanOrEqual": "3.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-5931",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-16T14:46:48.955985Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-16T14:46:53.777Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"packageName": "Zephyr",
"product": "Zephyr",
"repo": "https://github.com/zephyrproject-rtos/zephyr",
"vendor": "zephyrproject-rtos",
"versions": [
{
"lessThanOrEqual": "3.6",
"status": "affected",
"version": "*",
"versionType": "git"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "BT: Unchecked user input in bap_broadcast_assistant"
}
],
"value": "BT: Unchecked user input in bap_broadcast_assistant"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1284",
"description": "Improper Validation of Specified Quantity in Input",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-17T05:08:13.479Z",
"orgId": "e2e69745-5e70-4e92-8431-deb5529a81ad",
"shortName": "zephyr"
},
"references": [
{
"url": "https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-r8h3-64gp-wv7f"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "BT: Unchecked user input in bap_broadcast_assistant",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "e2e69745-5e70-4e92-8431-deb5529a81ad",
"assignerShortName": "zephyr",
"cveId": "CVE-2024-5931",
"datePublished": "2024-09-13T19:41:57.713Z",
"dateReserved": "2024-06-12T19:58:33.952Z",
"dateUpdated": "2025-09-17T05:08:13.479Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-6768 (GCVE-0-2024-6768)
Vulnerability from cvelistv5
Published
2024-08-12 18:29
Modified
2025-09-15 17:28
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-1284 - Improper Validation of Specified Quantity in Input
Summary
A Denial of Service in CLFS.sys in Microsoft Windows 10, Windows 11, Windows Server 2016, Windows Server 2019, and Windows Server 2022 allows a malicious authenticated low-privilege user to cause a Blue Screen of Death via a forced call to the KeBugCheckEx function.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Microsoft | Windows 10 |
Version: 10.0.0 |
|||||||||||||||||||||
|
||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-6768",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-13T14:23:52.599512Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-13T14:24:58.377Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-09-15T17:28:11.205Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://www.vicarius.io/vsociety/posts/cve-2024-6768-detection-script-blue-screen-of-death-vulnerability-affecting-microsoft-windows"
},
{
"url": "https://www.vicarius.io/vsociety/posts/cve-2024-6768-mitigation-script-blue-screen-of-death-vulnerability-affecting-microsoft-windows"
}
],
"title": "CVE Program Container",
"x_generator": {
"engine": "ADPogram 0.0.1"
}
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Windows 10",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "10.0.0"
}
]
},
{
"defaultStatus": "affected",
"product": "Windows 11",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "10.0.0"
}
]
},
{
"defaultStatus": "affected",
"product": "Windows Server 2016",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "10.0.0"
}
]
},
{
"defaultStatus": "affected",
"product": "Windows Server 2019",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "10.0.0"
}
]
},
{
"defaultStatus": "affected",
"product": "Windows Server 2022",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "10.0.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Ricardo Narvaja"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A Denial of Service in CLFS.sys in Microsoft Windows 10, Windows 11, Windows Server 2016, Windows Server 2019, and Windows Server 2022 allows a malicious authenticated low-privilege user to cause a Blue Screen of Death via a forced call to the KeBugCheckEx function."
}
],
"value": "A Denial of Service in CLFS.sys in Microsoft Windows 10, Windows 11, Windows Server 2016, Windows Server 2019, and Windows Server 2022 allows a malicious authenticated low-privilege user to cause a Blue Screen of Death via a forced call to the KeBugCheckEx function."
}
],
"impacts": [
{
"capecId": "CAPEC-153",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-153 Input Data Manipulation"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1284",
"description": "CWE-1284 Improper Validation of Specified Quantity in Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-12T18:29:30.770Z",
"orgId": "df4dee71-de3a-4139-9588-11b62fe6c0ff",
"shortName": "Fortra"
},
"references": [
{
"url": "https://www.fortra.com/security/advisories/research/fr-2024-001"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Denial of Service in CLFS.sys",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "df4dee71-de3a-4139-9588-11b62fe6c0ff",
"assignerShortName": "Fortra",
"cveId": "CVE-2024-6768",
"datePublished": "2024-08-12T18:29:30.770Z",
"dateReserved": "2024-07-15T21:02:40.118Z",
"dateUpdated": "2025-09-15T17:28:11.205Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-9448 (GCVE-0-2024-9448)
Vulnerability from cvelistv5
Published
2025-05-08 19:14
Modified
2025-08-25 19:52
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-1284 - Improper Validation of Specified Quantity in Input
Summary
On affected platforms running Arista EOS with Traffic Policies configured the vulnerability will cause received untagged packets not to hit Traffic Policy rules that they are expected to hit. If the rule was to drop the packet, the packet will not be dropped and instead will be forwarded as if the rule was not in place. This could lead to packets being delivered to unexpected destinations.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Arista Networks | EOS |
Version: 4.33.0 < Version: 4.32.0 < Version: 4.31.0 < Version: 4.30.0 < |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-9448",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-08T19:28:16.811276Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-08T19:29:47.601Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"EOS"
],
"product": "EOS",
"vendor": "Arista Networks",
"versions": [
{
"lessThanOrEqual": "4.33.0F",
"status": "affected",
"version": "4.33.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.32.3M",
"status": "affected",
"version": "4.32.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.31.5M",
"status": "affected",
"version": "4.31.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.30.8M",
"status": "affected",
"version": "4.30.0",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eIn order to be vulnerable to CVE-2024-9448, the following condition must be met:\u003c/p\u003e\u003cdiv\u003eA Traffic Policy must be configured:\u003c/div\u003e\u003cdiv\u003e\u0026nbsp;\u003c/div\u003e\u003cpre\u003eswitch\u0026gt;show traffic-policy vlan\nTraffic policy myPolicy\n\u0026nbsp; \u0026nbsp;Configured on VLANs: 42, 43\n\u0026nbsp; \u0026nbsp;Applied on VLANs for IPv4 traffic: 42, 43\n\u0026nbsp; \u0026nbsp;Applied on VLANs for IPv6 traffic: 42, 43\n\u0026nbsp; \u0026nbsp;Total number of rules configured: 4\n\u0026nbsp; \u0026nbsp; \u0026nbsp; match anIpv4Rule ipv4\n\u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 0);\"\u003eActions: Drop\u003c/span\u003e\n\u0026nbsp; \u0026nbsp; \u0026nbsp; match anIpv6Rule ipv6\n\u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 0);\"\u003eActions: Drop\u003c/span\u003e\n\u0026nbsp; \u0026nbsp; \u0026nbsp; match ipv4-all-default ipv4\n\u0026nbsp; \u0026nbsp; \u0026nbsp; match ipv6-all-default ipv6\u003c/pre\u003e\u003cdiv\u003eIf a Traffic Policy is not configured there is no exposure to this issue and the message will look something like:\u003c/div\u003e\u003cdiv\u003e\u0026nbsp;\u003c/div\u003e\u003cpre\u003eswitch\u0026gt;show traffic-policy vlan \nswitch\u0026gt;\u003c/pre\u003e"
}
],
"value": "In order to be vulnerable to CVE-2024-9448, the following condition must be met:\n\nA Traffic Policy must be configured:\n\n\u00a0\n\nswitch\u003eshow traffic-policy vlan\nTraffic policy myPolicy\n\u00a0 \u00a0Configured on VLANs: 42, 43\n\u00a0 \u00a0Applied on VLANs for IPv4 traffic: 42, 43\n\u00a0 \u00a0Applied on VLANs for IPv6 traffic: 42, 43\n\u00a0 \u00a0Total number of rules configured: 4\n\u00a0 \u00a0 \u00a0 match anIpv4Rule ipv4\n\u00a0 \u00a0 \u00a0 \u00a0 \u00a0Actions: Drop\n\u00a0 \u00a0 \u00a0 match anIpv6Rule ipv6\n\u00a0 \u00a0 \u00a0 \u00a0 \u00a0Actions: Drop\n\u00a0 \u00a0 \u00a0 match ipv4-all-default ipv4\n\u00a0 \u00a0 \u00a0 match ipv6-all-default ipv6\n\nIf a Traffic Policy is not configured there is no exposure to this issue and the message will look something like:\n\n\u00a0\n\nswitch\u003eshow traffic-policy vlan \nswitch\u003e"
}
],
"datePublic": "2025-03-11T15:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eOn affected platforms running Arista EOS with Traffic Policies configured the vulnerability will cause received untagged packets not to hit Traffic Policy rules that they are expected to hit. If the rule was to drop the packet, the packet will not be dropped and instead will be forwarded as if the rule was not in place. This could lead to packets being delivered to unexpected destinations.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "On affected platforms running Arista EOS with Traffic Policies configured the vulnerability will cause received untagged packets not to hit Traffic Policy rules that they are expected to hit. If the rule was to drop the packet, the packet will not be dropped and instead will be forwarded as if the rule was not in place. This could lead to packets being delivered to unexpected destinations."
}
],
"impacts": [
{
"capecId": "CAPEC-481",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-481 Contradictory Destinations in Traffic Routing Schemes"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1284",
"description": "CWE-1284 Improper Validation of Specified Quantity in Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-25T19:52:14.674Z",
"orgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7",
"shortName": "Arista"
},
"references": [
{
"url": "https://https://www.arista.com/en/support/advisories-notices/security-advisory/21121-security-advisory-0112"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThe recommended resolution is to upgrade to a remediated software version at your earliest convenience. Arista recommends customers move to the latest version of each release that contains all the fixes listed below. For more information about upgrading see \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.arista.com/en/um-eos/eos-upgrades-and-downgrades\"\u003eEOS User Manual: Upgrades and Downgrades\u003c/a\u003e\u003c/p\u003e\u003cdiv\u003eCVE-2024-9448 has been fixed in the following releases:\u003c/div\u003e\u003cul\u003e\u003cli\u003e4.33.1F and later releases in the 4.33.x train\u003c/li\u003e\u003cli\u003e4.32.4M and later releases in the 4.32.x train\u003c/li\u003e\u003cli\u003e4.31.6M and later releases in the 4.31.x train\u003c/li\u003e\u003cli\u003e4.30.9M and later releases in the 4.30.x train\u003c/li\u003e\u003c/ul\u003e\u003cbr\u003e"
}
],
"value": "The recommended resolution is to upgrade to a remediated software version at your earliest convenience. Arista recommends customers move to the latest version of each release that contains all the fixes listed below. For more information about upgrading see EOS User Manual: Upgrades and Downgrades https://www.arista.com/en/um-eos/eos-upgrades-and-downgrades \n\nCVE-2024-9448 has been fixed in the following releases:\n\n * 4.33.1F and later releases in the 4.33.x train\n * 4.32.4M and later releases in the 4.32.x train\n * 4.31.6M and later releases in the 4.31.x train\n * 4.30.9M and later releases in the 4.30.x train"
}
],
"source": {
"advisory": "112",
"defect": [
"BUG 992963"
],
"discovery": "INTERNAL"
},
"title": "On affected platforms running Arista EOS with Traffic Policies configured the vulnerability will cause received untagged packets not to hit Traffic Policy rules that they are expected to hit. If the rule was to drop the packet, the packet will not be dropp",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThere is no mitigation other than to not use the Traffic Policy feature where it would be expected to match on receipt of untagged packets.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "There is no mitigation other than to not use the Traffic Policy feature where it would be expected to match on receipt of untagged packets."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7",
"assignerShortName": "Arista",
"cveId": "CVE-2024-9448",
"datePublished": "2025-05-08T19:14:00.226Z",
"dateReserved": "2024-10-02T20:39:01.319Z",
"dateUpdated": "2025-08-25T19:52:14.674Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-0038 (GCVE-0-2025-0038)
Vulnerability from cvelistv5
Published
2025-10-06 16:08
Modified
2025-10-06 17:16
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-1284 - - Improper Validation of Specified Quantity in Input
Summary
In AMD Zynq UltraScale+ devices, the lack of address validation when executing CSU runtime services through the PMU Firmware can allow access to isolated or protected memory spaces resulting in the loss of integrity and confidentiality.
References
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | AMD | Kria(TM) SOM |
Version: PMU Firmware version TBD |
|||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0038",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-06T17:00:56.364010Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-06T17:16:22.921Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Kria(TM) SOM",
"vendor": "AMD",
"versions": [
{
"status": "affected",
"version": "PMU Firmware version TBD"
}
]
},
{
"defaultStatus": "affected",
"product": "Zynq UltraScale+ MPSoCs",
"vendor": "AMD",
"versions": [
{
"status": "affected",
"version": "PMU Firmware version TBD"
}
]
},
{
"defaultStatus": "affected",
"product": "Zynq UltraScale+ RFSoCs",
"vendor": "AMD",
"versions": [
{
"status": "affected",
"version": "PMU Firmware version TBD"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "In AMD Zynq UltraScale+ devices, the lack of address validation when executing CSU runtime services through the PMU Firmware can allow access to isolated or protected memory spaces resulting in the loss of integrity and confidentiality.\u003cbr\u003e"
}
],
"value": "In AMD Zynq UltraScale+ devices, the lack of address validation when executing CSU runtime services through the PMU Firmware can allow access to isolated or protected memory spaces resulting in the loss of integrity and confidentiality."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1284",
"description": "CWE-1284 - Improper Validation of Specified Quantity in Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-06T16:08:59.227Z",
"orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"shortName": "AMD"
},
"references": [
{
"url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-8008.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"assignerShortName": "AMD",
"cveId": "CVE-2025-0038",
"datePublished": "2025-10-06T16:08:59.227Z",
"dateReserved": "2024-11-21T16:18:05.485Z",
"dateUpdated": "2025-10-06T17:16:22.921Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-10094 (GCVE-0-2025-10094)
Vulnerability from cvelistv5
Published
2025-09-12 04:57
Modified
2025-09-12 13:05
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-1284 - Improper Validation of Specified Quantity in Input
Summary
An issue has been discovered in GitLab CE/EE affecting all versions from 10.7 before 18.1.6, 18.2 before 18.2.6, and 18.3 before 18.3.2 that could have allowed authenticated users to disrupt access to token listings and related administrative operations by creating tokens with excessively large names.
References
| ▼ | URL | Tags |
|---|---|---|
| https://about.gitlab.com/releases/2025/09/10/patch-release-gitlab-18-3-2-released/ | ||
| https://gitlab.com/gitlab-org/gitlab/-/issues/528469 | issue-tracking, permissions-required | |
| https://hackerone.com/reports/3049089 | technical-description, exploit, permissions-required |
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-10094",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-12T13:05:04.221834Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-12T13:05:11.654Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "GitLab",
"repo": "git://git@gitlab.com:gitlab-org/gitlab.git",
"vendor": "GitLab",
"versions": [
{
"lessThan": "18.1.6",
"status": "affected",
"version": "10.7",
"versionType": "semver"
},
{
"lessThan": "18.2.6",
"status": "affected",
"version": "18.2",
"versionType": "semver"
},
{
"lessThan": "18.3.2",
"status": "affected",
"version": "18.3",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Thanks [pwnie](https://hackerone.com/pwnie) for reporting this vulnerability through our HackerOne bug bounty program"
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue has been discovered in GitLab CE/EE affecting all versions from 10.7 before 18.1.6, 18.2 before 18.2.6, and 18.3 before 18.3.2 that could have allowed authenticated users to disrupt access to token listings and related administrative operations by creating tokens with excessively large names."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1284",
"description": "CWE-1284: Improper Validation of Specified Quantity in Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-12T04:57:11.650Z",
"orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
"shortName": "GitLab"
},
"references": [
{
"url": "https://about.gitlab.com/releases/2025/09/10/patch-release-gitlab-18-3-2-released/"
},
{
"name": "GitLab Issue #528469",
"tags": [
"issue-tracking",
"permissions-required"
],
"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/528469"
},
{
"name": "HackerOne Bug Bounty Report #3049089",
"tags": [
"technical-description",
"exploit",
"permissions-required"
],
"url": "https://hackerone.com/reports/3049089"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to versions 18.1.6, 18.2.6, 18.3.2 or above."
}
],
"title": "Improper Validation of Specified Quantity in Input in GitLab"
}
},
"cveMetadata": {
"assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
"assignerShortName": "GitLab",
"cveId": "CVE-2025-10094",
"datePublished": "2025-09-12T04:57:11.650Z",
"dateReserved": "2025-09-08T07:05:02.957Z",
"dateUpdated": "2025-09-12T13:05:11.654Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-2256 (GCVE-0-2025-2256)
Vulnerability from cvelistv5
Published
2025-09-12 06:06
Modified
2025-09-12 17:19
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-1284 - Improper Validation of Specified Quantity in Input
Summary
An issue has been discovered in GitLab CE/EE affecting all versions from 7.12 before 18.1.6, 18.2 before 18.2.6, and 18.3 before 18.3.2 that could have allowed unauthorized users to render the GitLab instance unresponsive to legitimate users by sending multiple concurrent large SAML responses.
References
| ▼ | URL | Tags |
|---|---|---|
| https://about.gitlab.com/releases/2025/09/10/patch-release-gitlab-18-3-2-released/ | ||
| https://gitlab.com/gitlab-org/gitlab/-/issues/524633 | issue-tracking, permissions-required | |
| https://hackerone.com/reports/3019485 | technical-description, exploit, permissions-required |
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-2256",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-12T17:19:23.671886Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-12T17:19:32.801Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "GitLab",
"repo": "git://git@gitlab.com:gitlab-org/gitlab.git",
"vendor": "GitLab",
"versions": [
{
"lessThan": "18.1.6",
"status": "affected",
"version": "7.12",
"versionType": "semver"
},
{
"lessThan": "18.2.6",
"status": "affected",
"version": "18.2",
"versionType": "semver"
},
{
"lessThan": "18.3.2",
"status": "affected",
"version": "18.3",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Thanks [yuki_osaki](https://hackerone.com/yuki_osaki) and [lambdasawa](https://hackerone.com/lambdasawa) for reporting this vulnerability through our HackerOne bug bounty program"
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue has been discovered in GitLab CE/EE affecting all versions from 7.12 before 18.1.6, 18.2 before 18.2.6, and 18.3 before 18.3.2 that could have allowed unauthorized users to render the GitLab instance unresponsive to legitimate users by sending multiple concurrent large SAML responses."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1284",
"description": "CWE-1284: Improper Validation of Specified Quantity in Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-12T06:06:04.796Z",
"orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
"shortName": "GitLab"
},
"references": [
{
"url": "https://about.gitlab.com/releases/2025/09/10/patch-release-gitlab-18-3-2-released/"
},
{
"name": "GitLab Issue #524633",
"tags": [
"issue-tracking",
"permissions-required"
],
"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/524633"
},
{
"name": "HackerOne Bug Bounty Report #3019485",
"tags": [
"technical-description",
"exploit",
"permissions-required"
],
"url": "https://hackerone.com/reports/3019485"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to versions 18.1.6, 18.2.6, 18.3.2 or above."
}
],
"title": "Improper Validation of Specified Quantity in Input in GitLab"
}
},
"cveMetadata": {
"assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
"assignerShortName": "GitLab",
"cveId": "CVE-2025-2256",
"datePublished": "2025-09-12T06:06:04.796Z",
"dateReserved": "2025-03-12T15:05:04.877Z",
"dateUpdated": "2025-09-12T17:19:32.801Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-32689 (GCVE-0-2025-32689)
Vulnerability from cvelistv5
Published
2025-09-09 16:25
Modified
2025-09-09 18:41
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-1284 - Improper Validation of Specified Quantity in Input
Summary
Improper Validation of Specified Quantity in Input vulnerability in ThemesGrove WP SmartPay. This issue affects WP SmartPay: from n/a through 2.7.13.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| ThemesGrove | WP SmartPay |
Version: n/a < |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-32689",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-09T17:49:31.579389Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-09T18:41:06.167Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "smartpay",
"product": "WP SmartPay",
"vendor": "ThemesGrove",
"versions": [
{
"lessThanOrEqual": "2.7.13",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Abdi Pranata (Patchstack Alliance)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eImproper Validation of Specified Quantity in Input vulnerability in ThemesGrove WP SmartPay.\u003c/p\u003e\u003cp\u003eThis issue affects WP SmartPay: from n/a through 2.7.13.\u003c/p\u003e"
}
],
"value": "Improper Validation of Specified Quantity in Input vulnerability in ThemesGrove WP SmartPay. This issue affects WP SmartPay: from n/a through 2.7.13."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1284",
"description": "CWE-1284 Improper Validation of Specified Quantity in Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-09T16:25:31.773Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/wordpress/plugin/smartpay/vulnerability/wordpress-download-manager-and-payment-form-2-7-12-other-vulnerability-type-vulnerability?_s_id=cve"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress Download Manager and Payment Form plugin \u003c= 2.7.13 - Price Manipulation vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2025-32689",
"datePublished": "2025-09-09T16:25:31.773Z",
"dateReserved": "2025-04-09T11:21:30.217Z",
"dateUpdated": "2025-09-09T18:41:06.167Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-3511 (GCVE-0-2025-3511)
Vulnerability from cvelistv5
Published
2025-04-25 05:14
Modified
2025-10-10 06:41
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-1284 - Improper Validation of Specified Quantity in Input
Summary
Improper Validation of Specified Quantity in Input vulnerability in Mitsubishi Electric Corporation CC-Link IE TSN Remote I/O module, CC-Link IE TSN Analog-Digital Converter module, CC-Link IE TSN Digital-Analog Converter module, CC-Link IE TSN FPGA module, CC-Link IE TSN Remote Station Communication LSI CP620 with GbE-PHY, MELSEC iQ-R Series CC-Link IE TSN Master/Local Module, MELSEC iQ-R Series Ethernet Interface Module, and CC-Link IE TSN Master/Local Station Communication LSI CP610 allows a remote unauthenticated attacker to cause a Denial of Service condition in the products by sending specially crafted UDP packets.
A system reset of the product is required for recovery.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.mitsubishielectric.com/psirt/vulnerability/pdf/2025-001_en.pdf | vendor-advisory | |
| https://jvn.jp/vu/JVNVU96620683/ | government-resource | |
| https://www.cisa.gov/news-events/ics-advisories/icsa-25-128-03 | government-resource |
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-3511",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-25T19:07:34.363439Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-25T19:13:07.834Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CC-Link IE TSN Remote I/O module NZ2GN2S1-32D",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "09 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CC-Link IE TSN Remote I/O module NZ2GN2S1-32T",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "09 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CC-Link IE TSN Remote I/O module NZ2GN2S1-32TE",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "09 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CC-Link IE TSN Remote I/O module NZ2GN2S1-32DT",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "09 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CC-Link IE TSN Remote I/O module NZ2GN2S1-32DTE",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "09 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CC-Link IE TSN Remote I/O module NZ2GN2B1-32D",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "09 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CC-Link IE TSN Remote I/O module NZ2GN2B1-32T",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "09 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CC-Link IE TSN Remote I/O module NZ2GN2B1-32TE",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "09 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CC-Link IE TSN Remote I/O module NZ2GN2B1-32DT",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "09 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CC-Link IE TSN Remote I/O module NZ2GN2B1-32DTE",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "09 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CC-Link IE TSN Remote I/O module NZ2GNCF1-32D",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "09 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CC-Link IE TSN Remote I/O module NZ2GNCF1-32T",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "09 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CC-Link IE TSN Remote I/O module NZ2GNCE3-32D",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "09 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CC-Link IE TSN Remote I/O module NZ2GNCE3-32DT",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "09 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CC-Link IE TSN Remote I/O module NZ2GN12A4-16D",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "09 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CC-Link IE TSN Remote I/O module NZ2GN12A4-16DE",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "09 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CC-Link IE TSN Remote I/O module NZ2GN12A2-16T",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "09 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CC-Link IE TSN Remote I/O module NZ2GN12A2-16TE",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "09 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CC-Link IE TSN Remote I/O module NZ2GN12A42-16DT",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "09 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CC-Link IE TSN Remote I/O module NZ2GN12A42-16DTE",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "09 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CC-Link IE TSN Remote I/O module NZ2GN2S1-16D",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "09 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CC-Link IE TSN Remote I/O module NZ2GN2S1-16T",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "09 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CC-Link IE TSN Remote I/O module NZ2GN2S1-16TE",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "09 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CC-Link IE TSN Remote I/O module NZ2GN2B1-16D",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "09 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CC-Link IE TSN Remote I/O module NZ2GN2B1-16T",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "09 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CC-Link IE TSN Remote I/O module NZ2GN2B1-16TE",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "09 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CC-Link IE TSN Analog-Digital Converter module NZ2GN2S-60AD4",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "07 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CC-Link IE TSN Analog-Digital Converter module NZ2GN2B-60AD4",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "07 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CC-Link IE TSN Digital-Analog Converter module NZ2GN2S-60DA4",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "07 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CC-Link IE TSN Digital-Analog Converter module NZ2GN2B-60DA4",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "07 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CC-Link IE TSN FPGA module NZ2GN2S-D41P01",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "01"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CC-Link IE TSN FPGA module NZ2GN2S-D41D01",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "01"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CC-Link IE TSN FPGA module NZ2GN2S-D41PD02",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "01"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CC-Link IE TSN Remote Station Communication LSI CP620 with GbE-PHY NZ2GACP620-300",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "1.08J and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CC-Link IE TSN Remote Station Communication LSI CP620 with GbE-PHY NZ2GACP620-60",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "1.08J and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-R Series CC-Link IE TSN Master/Local Module RJ71GN11-T2",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "26 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-R Series CC-Link IE TSN Master/Local Module RJ71GN11-EIP",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "10 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-R Series CC-Link IE TSN Master/Local Module RJ71GN11-SX",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "05 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-R Series Ethernet Interface Module RJ71EN71",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "85 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CC-Link IE TSN Master/Local Station Communication LSI CP610 NZ2GACP610-60",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "05 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CC-Link IE TSN Master/Local Station Communication LSI CP610 NZ2KT-NPETNG51",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "05 and prior"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Validation of Specified Quantity in Input vulnerability in Mitsubishi Electric Corporation CC-Link IE TSN Remote I/O module, CC-Link IE TSN Analog-Digital Converter module, CC-Link IE TSN Digital-Analog Converter module, CC-Link IE TSN FPGA module, CC-Link IE TSN Remote Station Communication LSI CP620 with GbE-PHY,\u0026nbsp;MELSEC iQ-R Series CC-Link IE TSN Master/Local Module,\u0026nbsp;MELSEC iQ-R Series Ethernet Interface Module,\u0026nbsp;and CC-Link IE TSN Master/Local Station Communication LSI CP610\u0026nbsp;allows a remote unauthenticated attacker to cause a Denial of Service condition in the products by sending specially crafted UDP packets.\u0026nbsp;\n\nA system reset of the product is required for recovery."
}
],
"value": "Improper Validation of Specified Quantity in Input vulnerability in Mitsubishi Electric Corporation CC-Link IE TSN Remote I/O module, CC-Link IE TSN Analog-Digital Converter module, CC-Link IE TSN Digital-Analog Converter module, CC-Link IE TSN FPGA module, CC-Link IE TSN Remote Station Communication LSI CP620 with GbE-PHY,\u00a0MELSEC iQ-R Series CC-Link IE TSN Master/Local Module,\u00a0MELSEC iQ-R Series Ethernet Interface Module,\u00a0and CC-Link IE TSN Master/Local Station Communication LSI CP610\u00a0allows a remote unauthenticated attacker to cause a Denial of Service condition in the products by sending specially crafted UDP packets.\u00a0\n\nA system reset of the product is required for recovery."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Denial-of-Service"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1284",
"description": "CWE-1284 Improper Validation of Specified Quantity in Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-10T06:41:25.638Z",
"orgId": "e0f77b61-78fd-4786-b3fb-1ee347a748ad",
"shortName": "Mitsubishi"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.mitsubishielectric.com/psirt/vulnerability/pdf/2025-001_en.pdf"
},
{
"tags": [
"government-resource"
],
"url": "https://jvn.jp/vu/JVNVU96620683/"
},
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-128-03"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "e0f77b61-78fd-4786-b3fb-1ee347a748ad",
"assignerShortName": "Mitsubishi",
"cveId": "CVE-2025-3511",
"datePublished": "2025-04-25T05:14:43.758Z",
"dateReserved": "2025-04-11T04:10:12.030Z",
"dateUpdated": "2025-10-10T06:41:25.638Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Mitigation ID: MIT-5
Phase: Implementation
Strategy: Input Validation
Description:
- Assume all input is malicious. Use an "accept known good" input validation strategy, i.e., use a list of acceptable inputs that strictly conform to specifications. Reject any input that does not strictly conform to specifications, or transform it into something that does.
- When performing input validation, consider all potentially relevant properties, including length, type of input, the full range of acceptable values, missing or extra inputs, syntax, consistency across related fields, and conformance to business rules. As an example of business rule logic, "boat" may be syntactically valid because it only contains alphanumeric characters, but it is not valid if the input is only expected to contain colors such as "red" or "blue."
- Do not rely exclusively on looking for malicious or malformed inputs. This is likely to miss at least one undesirable input, especially if the code's environment changes. This can give attackers enough room to bypass the intended validation. However, denylists can be useful for detecting potential attacks or determining which inputs are so malformed that they should be rejected outright.
No CAPEC attack patterns related to this CWE.