Common Weakness Enumeration

CWE-131

Allowed

Incorrect Calculation of Buffer Size

Abstraction: Base · Status: Draft

The product does not correctly calculate the size to be used when allocating a buffer, which could lead to a buffer overflow.

270 vulnerabilities reference this CWE, most recent first.

CVE-2024-23622 (GCVE-0-2024-23622)

Vulnerability from cvelistv5 – Published: 2024-01-25 23:36 – Updated: 2025-06-17 21:19
VLAI
Title
IBM Merge Healthcare eFilm Workstation License Server CopySLS_Request3 Buffer Overflow
Summary
A stack-based buffer overflow exists in IBM Merge Healthcare eFilm Workstation license server. A remote, unauthenticated attacker can exploit this vulnerability to achieve remote code execution with SYSTEM privileges.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-131 - Incorrect Calculation of Buffer Size
Assigner
XI
References
Impacted products
Vendor Product Version
IBM Merge Healthcare eFilm Workstation Affected: 4.1 , ≤ 4.2 (semver)
Create a notification for this product.
Credits
Exodus Intelligence
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T23:06:25.364Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "third-party-advisory",
              "x_transferred"
            ],
            "url": "https://blog.exodusintel.com/2024/01/25/ibm-merge-healthcare-efilm-workstation-license-server-copysls_request3-buffer-overflow/"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-23622",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-01-31T18:42:41.611704Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-06-17T21:19:30.781Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "eFilm Workstation",
          "vendor": "IBM Merge Healthcare",
          "versions": [
            {
              "lessThanOrEqual": "4.2",
              "status": "affected",
              "version": "4.1",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Exodus Intelligence"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A stack-based buffer overflow exists in IBM Merge Healthcare eFilm Workstation license server. A remote, unauthenticated attacker can exploit this vulnerability to achieve remote code execution with SYSTEM privileges.\u003cbr\u003e"
            }
          ],
          "value": "A stack-based buffer overflow exists in IBM Merge Healthcare eFilm Workstation license server. A remote, unauthenticated attacker can exploit this vulnerability to achieve remote code execution with SYSTEM privileges.\n"
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-100",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-100 Overflow Buffers"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 10,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        },
        {
          "cvssV2_0": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-131",
              "description": "CWE-131 Incorrect Calculation of Buffer Size",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-01-25T23:36:03.728Z",
        "orgId": "902ff664-2e36-43e3-a1aa-3210c82d1b67",
        "shortName": "XI"
      },
      "references": [
        {
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://blog.exodusintel.com/2024/01/25/ibm-merge-healthcare-efilm-workstation-license-server-copysls_request3-buffer-overflow/"
        }
      ],
      "source": {
        "discovery": "INTERNAL"
      },
      "title": "IBM Merge Healthcare eFilm Workstation License Server CopySLS_Request3 Buffer Overflow",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "902ff664-2e36-43e3-a1aa-3210c82d1b67",
    "assignerShortName": "XI",
    "cveId": "CVE-2024-23622",
    "datePublished": "2024-01-25T23:36:03.728Z",
    "dateReserved": "2024-01-18T21:37:15.393Z",
    "dateUpdated": "2025-06-17T21:19:30.781Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-23621 (GCVE-0-2024-23621)

Vulnerability from cvelistv5 – Published: 2024-01-25 23:36 – Updated: 2025-06-03 18:17
VLAI
Title
IBM Merge Healthcare eFilm Workstation License Server Buffer Overflow
Summary
A buffer overflow exists in IBM Merge Healthcare eFilm Workstation license server. A remote, unauthenticated attacker can exploit this vulnerability to achieve remote code execution.
SSVC
Exploitation: none Automatable: yes Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-131 - Incorrect Calculation of Buffer Size
Assigner
XI
References
Impacted products
Vendor Product Version
IBM Merge Healthcare eFilm Workstation Affected: 4.1 , ≤ 4.2 (semver)
Create a notification for this product.
Credits
Exodus Intelligence
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T23:06:25.235Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "third-party-advisory",
              "x_transferred"
            ],
            "url": "https://blog.exodusintel.com/2024/01/25/ibm-merge-healthcare-efilm-workstation-license-server-buffer-overflow/"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-23621",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-06-03T18:09:38.817722Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-06-03T18:17:08.975Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "eFilm Workstation",
          "vendor": "IBM Merge Healthcare",
          "versions": [
            {
              "lessThanOrEqual": "4.2",
              "status": "affected",
              "version": "4.1",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Exodus Intelligence"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A buffer overflow exists in IBM Merge Healthcare eFilm Workstation license server. A remote, unauthenticated attacker can exploit this vulnerability to achieve remote code execution."
            }
          ],
          "value": "A buffer overflow exists in IBM Merge Healthcare eFilm Workstation license server. A remote, unauthenticated attacker can exploit this vulnerability to achieve remote code execution."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-100",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-100 Overflow Buffers"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 10,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        },
        {
          "cvssV2_0": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-131",
              "description": "CWE-131 Incorrect Calculation of Buffer Size",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-01-25T23:36:01.148Z",
        "orgId": "902ff664-2e36-43e3-a1aa-3210c82d1b67",
        "shortName": "XI"
      },
      "references": [
        {
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://blog.exodusintel.com/2024/01/25/ibm-merge-healthcare-efilm-workstation-license-server-buffer-overflow/"
        }
      ],
      "source": {
        "discovery": "INTERNAL"
      },
      "title": "IBM Merge Healthcare eFilm Workstation License Server Buffer Overflow",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "902ff664-2e36-43e3-a1aa-3210c82d1b67",
    "assignerShortName": "XI",
    "cveId": "CVE-2024-23621",
    "datePublished": "2024-01-25T23:36:01.148Z",
    "dateReserved": "2024-01-18T21:37:15.393Z",
    "dateUpdated": "2025-06-03T18:17:08.975Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-23606 (GCVE-0-2024-23606)

Vulnerability from cvelistv5 – Published: 2024-02-20 15:29 – Updated: 2025-11-04 18:28
VLAI
Summary
An out-of-bounds write vulnerability exists in the sopen_FAMOS_read functionality of The Biosig Project libbiosig 2.5.0 and Master Branch (ab0ee111). A specially crafted .famos file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.
SSVC
Exploitation: none Automatable: yes Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-131 - Incorrect Calculation of Buffer Size
Assigner
Impacted products
Vendor Product Version
The Biosig Project libbiosig Affected: 2.5.0
Affected: Master Branch (ab0ee111)
Create a notification for this product.
fedoraproject fedora Affected: 40
    cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:*
Create a notification for this product.
the_biosig_project libbiosig Affected: 2.5.0
    cpe:2.3:a:the_biosig_project:libbiosig:2.5.0:*:*:*:*:*:*:*
Create a notification for this product.
Credits
Discovered by Lilith >_> of Cisco Talos.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "fedora",
            "vendor": "fedoraproject",
            "versions": [
              {
                "status": "affected",
                "version": "40"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:the_biosig_project:libbiosig:2.5.0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "libbiosig",
            "vendor": "the_biosig_project",
            "versions": [
              {
                "status": "affected",
                "version": "2.5.0"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-23606",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-02-20T18:23:56.758220Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-26T18:31:30.459Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-04T18:28:49.927Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1925",
            "tags": [
              "x_transferred"
            ],
            "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1925"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OIRLGNQM33KAWVWP5RPMAPHWNP3IY5YW/"
          },
          {
            "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1925"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "libbiosig",
          "vendor": "The Biosig Project",
          "versions": [
            {
              "status": "affected",
              "version": "2.5.0"
            },
            {
              "status": "affected",
              "version": "Master Branch (ab0ee111)"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Discovered by Lilith \u0026gt;_\u0026gt; of Cisco Talos."
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An out-of-bounds write vulnerability exists in the sopen_FAMOS_read functionality of The Biosig Project libbiosig 2.5.0 and Master Branch (ab0ee111). A specially crafted .famos file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-131",
              "description": "CWE-131: Incorrect Calculation of Buffer Size",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-10T21:45:06.565Z",
        "orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
        "shortName": "talos"
      },
      "references": [
        {
          "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1925",
          "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1925"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
    "assignerShortName": "talos",
    "cveId": "CVE-2024-23606",
    "datePublished": "2024-02-20T15:29:31.412Z",
    "dateReserved": "2024-01-23T19:54:39.689Z",
    "dateUpdated": "2025-11-04T18:28:49.927Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2024-11425 (GCVE-0-2024-11425)

Vulnerability from cvelistv5 – Published: 2025-01-17 09:00 – Updated: 2025-02-12 17:09
VLAI
Summary
CWE-131: Incorrect Calculation of Buffer Size vulnerability exists that could cause Denial-of-Service of the product when an unauthenticated user is sending a crafted HTTPS packet to the webserver.
SSVC
Exploitation: none Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-131 - Incorrect Calculation of Buffer Size
Assigner
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-11425",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-01-17T13:22:26.095314Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-12T17:09:38.349Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Modicon M580 CPU (part numbers BMEP* and BMEH*, excluding M580 CPU Safety)",
          "vendor": "Schneider Electric",
          "versions": [
            {
              "status": "affected",
              "version": "Versions prior to SV4.30"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Modicon M580 CPU Safety (part numbers BMEP58*S and BMEH58*S)",
          "vendor": "Schneider Electric",
          "versions": [
            {
              "status": "affected",
              "version": "Versions prior to SV4.21"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "BMENOR2200H",
          "vendor": "Schneider Electric",
          "versions": [
            {
              "status": "affected",
              "version": "All Versions"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "EVLink Pro AC",
          "vendor": "Schneider Electric",
          "versions": [
            {
              "status": "affected",
              "version": "Versions prior to v1.3.10"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "CWE-131: Incorrect Calculation of Buffer Size vulnerability exists that could cause Denial-of-Service of the\nproduct when an unauthenticated user is sending a crafted HTTPS packet to the webserver.\n\n\u003cbr\u003e"
            }
          ],
          "value": "CWE-131: Incorrect Calculation of Buffer Size vulnerability exists that could cause Denial-of-Service of the\nproduct when an unauthenticated user is sending a crafted HTTPS packet to the webserver."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 8.7,
            "baseSeverity": "HIGH",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-131",
              "description": "CWE-131 Incorrect Calculation of Buffer Size",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-01-17T09:00:32.335Z",
        "orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
        "shortName": "schneider"
      },
      "references": [
        {
          "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2025-014-01\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2025-014-01.pdf"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
    "assignerShortName": "schneider",
    "cveId": "CVE-2024-11425",
    "datePublished": "2025-01-17T09:00:32.335Z",
    "dateReserved": "2024-11-19T15:35:20.847Z",
    "dateUpdated": "2025-02-12T17:09:38.349Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-8361 (GCVE-0-2024-8361)

Vulnerability from cvelistv5 – Published: 2025-01-07 16:18 – Updated: 2025-09-16 16:10
VLAI
Title
DoS caused due to wrong hash length returned for SHA2/224 algorithm
Summary
In SiWx91x devices, the SHA2/224 algorithm returns a hash of 256 bits instead of 224 bits. This incorrect hash length triggers a software assertion, which subsequently causes a Denial of Service (DoS). If a watchdog is implemented, device will restart after watch dog expires. If watchdog is not implemented, device can be recovered only after a hard reset
SSVC
Exploitation: none Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-131 - Incorrect Calculation of Buffer Size
  • CWE-617 - Reachable Assertion
Assigner
References
URL Tags
https://community.silabs.com/068Vm00000I7zqo vendor-advisorypermissions-required
Impacted products
Vendor Product Version
silabs.com WiSeConnect SDK Affected: 0 , ≤ 3.3.4 (semver)
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-8361",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-01-07T16:40:05.229011Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-01-07T16:40:25.660Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "packageName": "WiSeConnect SDK",
          "product": "WiSeConnect SDK",
          "repo": "https://github.com/SiliconLabs/wiseconnect",
          "vendor": "silabs.com",
          "versions": [
            {
              "lessThanOrEqual": "3.3.4",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "In SiWx91x devices, the SHA2/224 algorithm returns a hash of 256 bits instead of 224 bits. This incorrect hash length triggers a software assertion, which subsequently causes a Denial of Service (DoS).\u003cbr\u003eIf a watchdog is implemented, device will restart after watch dog expires. If watchdog is not implemented, device can be recovered only after a hard reset"
            }
          ],
          "value": "In SiWx91x devices, the SHA2/224 algorithm returns a hash of 256 bits instead of 224 bits. This incorrect hash length triggers a software assertion, which subsequently causes a Denial of Service (DoS).\nIf a watchdog is implemented, device will restart after watch dog expires. If watchdog is not implemented, device can be recovered only after a hard reset"
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-100",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-100 Overflow Buffers"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-131",
              "description": "CWE-131 Incorrect Calculation of Buffer Size",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-617",
              "description": "CWE-617 Reachable Assertion",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-09-16T16:10:05.729Z",
        "orgId": "030b2754-1501-44a4-bef8-48be86a33bf4",
        "shortName": "Silabs"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory",
            "permissions-required"
          ],
          "url": "https://community.silabs.com/068Vm00000I7zqo"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "DoS caused due to wrong hash length returned for SHA2/224 algorithm",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "030b2754-1501-44a4-bef8-48be86a33bf4",
    "assignerShortName": "Silabs",
    "cveId": "CVE-2024-8361",
    "datePublished": "2025-01-07T16:18:14.776Z",
    "dateReserved": "2024-08-30T17:09:51.846Z",
    "dateUpdated": "2025-09-16T16:10:05.729Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-5000 (GCVE-0-2024-5000)

Vulnerability from cvelistv5 – Published: 2024-06-04 08:54 – Updated: 2024-08-01 20:55
VLAI
Title
CODESYS: Incorrect calculation of buffer size can cause DoS on CODESYS OPC UA products
Summary
An unauthenticated remote attacker can use a malicious OPC UA client to send a crafted request to affected CODESYS products which can cause a DoS due to incorrect calculation of buffer size.
SSVC
Exploitation: none Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-131 - Incorrect Calculation of Buffer Size
Assigner
Impacted products
Vendor Product Version
CODESYS CODESYS Control for BeagleBone SL Affected: 0 , < 4.12.0.0 (semver)
Create a notification for this product.
CODESYS CODESYS Control for emPC-A/iMX6 SL Affected: 0 , < 4.12.0.0 (semver)
Create a notification for this product.
CODESYS CODESYS Control for IOT2000 SL Affected: 0 , < 4.12.0.0 (semver)
Create a notification for this product.
CODESYS CODESYS Control for Linux ARM SL Affected: 0 , < 4.12.0.0 (semver)
Create a notification for this product.
CODESYS CODESYS Control for Linux SL Affected: 0 , < 4.12.0.0 (semver)
Create a notification for this product.
CODESYS CODESYS Control for PFC100 SL Affected: 0 , < 4.12.0.0 (semver)
Create a notification for this product.
CODESYS CODESYS Control for PFC200 SL Affected: 0 , < 4.12.0.0 (semver)
Create a notification for this product.
CODESYS CODESYS Control for PLCnext SL Affected: 0 , < 4.12.0.0 (semver)
Create a notification for this product.
CODESYS CODESYS Control for Raspberry Pi SL Affected: 0 , < 4.12.0.0 (semver)
Create a notification for this product.
CODESYS CODESYS Control for WAGO Touch Panels 600 SL Affected: 0 , < 4.12.0.0 (semver)
Create a notification for this product.
CODESYS CODESYS Control RTE (for Beckhoff CX) SL Affected: 0 , < 3.5.20.10 (semver)
Create a notification for this product.
CODESYS CODESYS Control RTE (SL) Affected: 0 , < 3.5.20.10 (semver)
Create a notification for this product.
CODESYS CODESYS Runtime Toolkit Affected: 0 , < 3.5.20.10 (semver)
Create a notification for this product.
CODESYS CODESYS Control Win (SL) Affected: 0 , < 3.5.20.10 (semver)
Create a notification for this product.
CODESYS CODESYS HMI (SL) Affected: 0 , < 3.5.20.10 (semver)
Create a notification for this product.
codesys control_for_empc-a\/imx6_sl Affected: 0 , < 4.12.0.0 (custom)
    cpe:2.3:a:codesys:control_for_empc-a\/imx6_sl:*:*:*:*:*:*:*:*
Create a notification for this product.
codesys control_for_beaglebone_sl Affected: 0 , < 4.12.0.0 (custom)
    cpe:2.3:a:codesys:control_for_beaglebone_sl:*:*:*:*:*:*:*:*
Create a notification for this product.
codesys control_for_iot2000_sl Affected: 0 , < 4.12.0.0 (custom)
    cpe:2.3:a:codesys:control_for_iot2000_sl:*:*:*:*:*:*:*:*
Create a notification for this product.
codesys control_for_linux_arm_sl Affected: 0 , < 4.12.0.0 (custom)
    cpe:2.3:a:codesys:control_for_linux_arm_sl:*:*:*:*:*:*:*:*
Create a notification for this product.
codesys control_for_linux_sl Affected: 0 , < 4.12.0.0 (custom)
    cpe:2.3:a:codesys:control_for_linux_sl:*:*:*:*:*:*:*:*
Create a notification for this product.
codesys control_for_pfc200_sl Affected: 0 , < 4.12.0.0 (custom)
    cpe:2.3:a:codesys:control_for_pfc200_sl:*:*:*:*:*:*:*:*
Create a notification for this product.
codesys control_for_plcnext_sl Affected: 0 , < 4.12.0.0 (custom)
    cpe:2.3:a:codesys:control_for_plcnext_sl:*:*:*:*:*:*:*:*
Create a notification for this product.
codesys control_for_raspberry_pi_sl Affected: 0 , < 4.12.0.0 (custom)
    cpe:2.3:a:codesys:control_for_raspberry_pi_sl:*:*:*:*:*:*:*:*
Create a notification for this product.
codesys control_for_wago_touch_panels_600_sl Affected: 0 , < 4.12.0.0 (custom)
    cpe:2.3:a:codesys:control_for_wago_touch_panels_600_sl:*:*:*:*:*:*:*:*
Create a notification for this product.
codesys control_rte_\(for_beckhoff_cx\)_sl Affected: 0 , < 3.5.20.10 (custom)
    cpe:2.3:a:codesys:control_rte_\(for_beckhoff_cx\)_sl:*:*:*:*:*:*:*:*
Create a notification for this product.
codesys control_rte_\(sl\) Affected: 0 , < 3.5.20.10 (custom)
    cpe:2.3:a:codesys:control_rte_\(sl\):*:*:*:*:*:*:*:*
Create a notification for this product.
codesys control_win_\(sl\) Affected: 0 , < 3.5.20.10 (custom)
    cpe:2.3:a:codesys:control_win_\(sl\):*:*:*:*:*:*:*:*
Create a notification for this product.
codesys runtime_toolkit Affected: 0 , < 3.5.20.10 (custom)
    cpe:2.3:a:codesys:runtime_toolkit:*:*:*:*:*:*:*:*
Create a notification for this product.
codesys hmi_\(sl\) Affected: 0 , < 3.5.20.10 (custom)
    cpe:2.3:a:codesys:hmi_\(sl\):*:*:*:*:*:*:*:*
Create a notification for this product.
Credits
ABB Schweiz AG.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:codesys:control_for_empc-a\\/imx6_sl:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "control_for_empc-a\\/imx6_sl",
            "vendor": "codesys",
            "versions": [
              {
                "lessThan": "4.12.0.0",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:codesys:control_for_beaglebone_sl:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "control_for_beaglebone_sl",
            "vendor": "codesys",
            "versions": [
              {
                "lessThan": "4.12.0.0",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:codesys:control_for_iot2000_sl:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "control_for_iot2000_sl",
            "vendor": "codesys",
            "versions": [
              {
                "lessThan": "4.12.0.0",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:codesys:control_for_linux_arm_sl:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "control_for_linux_arm_sl",
            "vendor": "codesys",
            "versions": [
              {
                "lessThan": "4.12.0.0",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:codesys:control_for_linux_sl:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "control_for_linux_sl",
            "vendor": "codesys",
            "versions": [
              {
                "lessThan": "4.12.0.0",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:codesys:control_for_pfc200_sl:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "control_for_pfc200_sl",
            "vendor": "codesys",
            "versions": [
              {
                "lessThan": "4.12.0.0",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:codesys:control_for_plcnext_sl:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "control_for_plcnext_sl",
            "vendor": "codesys",
            "versions": [
              {
                "lessThan": "4.12.0.0",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:codesys:control_for_raspberry_pi_sl:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "control_for_raspberry_pi_sl",
            "vendor": "codesys",
            "versions": [
              {
                "lessThan": "4.12.0.0",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:codesys:control_for_wago_touch_panels_600_sl:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "control_for_wago_touch_panels_600_sl",
            "vendor": "codesys",
            "versions": [
              {
                "lessThan": "4.12.0.0",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:codesys:control_rte_\\(for_beckhoff_cx\\)_sl:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "control_rte_\\(for_beckhoff_cx\\)_sl",
            "vendor": "codesys",
            "versions": [
              {
                "lessThan": "3.5.20.10",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:codesys:control_rte_\\(sl\\):*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "control_rte_\\(sl\\)",
            "vendor": "codesys",
            "versions": [
              {
                "lessThan": "3.5.20.10",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:codesys:control_win_\\(sl\\):*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "control_win_\\(sl\\)",
            "vendor": "codesys",
            "versions": [
              {
                "lessThan": "3.5.20.10",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:codesys:runtime_toolkit:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "runtime_toolkit",
            "vendor": "codesys",
            "versions": [
              {
                "lessThan": "3.5.20.10",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:codesys:hmi_\\(sl\\):*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "hmi_\\(sl\\)",
            "vendor": "codesys",
            "versions": [
              {
                "lessThan": "3.5.20.10",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-5000",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-06T14:26:44.507505Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-06T14:44:44.216Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T20:55:10.389Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert.vde.com/en/advisories/VDE-2024-026"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://customers.codesys.com/index.php?eID=dumpFile\u0026t=f\u0026f=18355\u0026token=e3e5a937ce72602bec39718ddc2f4ba6d983ccd1\u0026download="
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "CODESYS Control for BeagleBone SL",
          "vendor": "CODESYS",
          "versions": [
            {
              "lessThan": "4.12.0.0",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "CODESYS Control for emPC-A/iMX6 SL",
          "vendor": "CODESYS",
          "versions": [
            {
              "lessThan": "4.12.0.0",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "CODESYS Control for IOT2000 SL",
          "vendor": "CODESYS",
          "versions": [
            {
              "lessThan": "4.12.0.0",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "CODESYS Control for Linux ARM SL",
          "vendor": "CODESYS",
          "versions": [
            {
              "lessThan": "4.12.0.0",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "CODESYS Control for Linux SL",
          "vendor": "CODESYS",
          "versions": [
            {
              "lessThan": "4.12.0.0",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "CODESYS Control for PFC100 SL",
          "vendor": "CODESYS",
          "versions": [
            {
              "lessThan": "4.12.0.0",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "CODESYS Control for PFC200 SL",
          "vendor": "CODESYS",
          "versions": [
            {
              "lessThan": "4.12.0.0",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "CODESYS Control for PLCnext SL",
          "vendor": "CODESYS",
          "versions": [
            {
              "lessThan": "4.12.0.0",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "CODESYS Control for Raspberry Pi SL",
          "vendor": "CODESYS",
          "versions": [
            {
              "lessThan": "4.12.0.0",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "CODESYS Control for WAGO Touch Panels 600 SL",
          "vendor": "CODESYS",
          "versions": [
            {
              "lessThan": "4.12.0.0",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "CODESYS Control RTE (for Beckhoff CX) SL",
          "vendor": "CODESYS",
          "versions": [
            {
              "lessThan": "3.5.20.10",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "CODESYS Control RTE (SL)",
          "vendor": "CODESYS",
          "versions": [
            {
              "lessThan": "3.5.20.10",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "CODESYS Runtime Toolkit",
          "vendor": "CODESYS",
          "versions": [
            {
              "lessThan": "3.5.20.10",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "CODESYS Control Win (SL)",
          "vendor": "CODESYS",
          "versions": [
            {
              "lessThan": "3.5.20.10",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "CODESYS HMI (SL)",
          "vendor": "CODESYS",
          "versions": [
            {
              "lessThan": "3.5.20.10",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "ABB Schweiz AG."
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "An unauthenticated remote attacker can use a\u0026nbsp;malicious OPC UA client to send a crafted request to affected CODESYS products which can cause a DoS due to incorrect calculation of buffer size.\u003cbr\u003e\u003cbr\u003e"
            }
          ],
          "value": "An unauthenticated remote attacker can use a\u00a0malicious OPC UA client to send a crafted request to affected CODESYS products which can cause a DoS due to incorrect calculation of buffer size.\n\n"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-131",
              "description": "CWE-131 Incorrect Calculation of Buffer Size",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-06-04T08:54:06.522Z",
        "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "shortName": "CERTVDE"
      },
      "references": [
        {
          "url": "https://cert.vde.com/en/advisories/VDE-2024-026"
        },
        {
          "url": "https://customers.codesys.com/index.php?eID=dumpFile\u0026t=f\u0026f=18355\u0026token=e3e5a937ce72602bec39718ddc2f4ba6d983ccd1\u0026download="
        }
      ],
      "source": {
        "advisory": "VDE-2024-026",
        "defect": [
          "CERT@VDE#641630"
        ],
        "discovery": "UNKNOWN"
      },
      "title": "CODESYS: Incorrect calculation of buffer size can cause DoS on CODESYS OPC UA products",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
    "assignerShortName": "CERTVDE",
    "cveId": "CVE-2024-5000",
    "datePublished": "2024-06-04T08:54:06.522Z",
    "dateReserved": "2024-05-16T12:09:56.937Z",
    "dateUpdated": "2024-08-01T20:55:10.389Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-52558 (GCVE-0-2023-52558)

Vulnerability from cvelistv5 – Published: 2024-03-01 16:33 – Updated: 2024-11-19 21:42
VLAI
Title
OpenBSD 7.4 and 7.3 m_split() network buffer kernel crash
Summary
In OpenBSD 7.4 before errata 002 and OpenBSD 7.3 before errata 019, a network buffer that had to be split at certain length that could crash the kernel after receiving specially crafted escape sequences.
SSVC
Exploitation: none Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-131 - Incorrect Calculation of Buffer Size
Assigner
Impacted products
Vendor Product Version
OpenBSD OpenBSD Affected: 7.3 , < 7.3 errata 019 (custom)
Affected: 7.4 , < 7.4 errata 002 (custom)
Create a notification for this product.
openbsd openbsd Affected: 7.3 , < 7.3_errata_019 (custom)
Affected: 7.4 , < 7.4_errata_002 (custom)
    cpe:2.3:o:openbsd:openbsd:*:*:*:*:*:*:*:*
Create a notification for this product.
Date Public
2023-10-25 00:00
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:openbsd:openbsd:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "openbsd",
            "vendor": "openbsd",
            "versions": [
              {
                "lessThan": "7.3_errata_019",
                "status": "affected",
                "version": "7.3",
                "versionType": "custom"
              },
              {
                "lessThan": "7.4_errata_002",
                "status": "affected",
                "version": "7.4",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 7.5,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-52558",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-19T21:41:24.595292Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-19T21:42:52.858Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:03:20.692Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://ftp.openbsd.org/pub/OpenBSD/patches/7.4/common/002_msplit.patch.sig"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://ftp.openbsd.org/pub/OpenBSD/patches/7.3/common/019_msplit.patch.sig"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/openbsd/src/commit/7b4d35e0a60ba1dd4daf4b1c2932020a22463a89"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "OpenBSD",
          "repo": "https://github.com/openbsd/src/",
          "vendor": "OpenBSD",
          "versions": [
            {
              "lessThan": "7.3 errata 019",
              "status": "affected",
              "version": "7.3 ",
              "versionType": "custom"
            },
            {
              "lessThan": "7.4 errata 002",
              "status": "affected",
              "version": "7.4",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2023-10-25T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "In OpenBSD 7.4 before errata 002 and OpenBSD 7.3 before errata 019, a\u0026nbsp;network buffer that had to be split at certain length that could crash the kernel after receiving specially crafted escape sequences."
            }
          ],
          "value": "In OpenBSD 7.4 before errata 002 and OpenBSD 7.3 before errata 019, a\u00a0network buffer that had to be split at certain length that could crash the kernel after receiving specially crafted escape sequences."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-131",
              "description": "CWE-131 Incorrect Calculation of Buffer Size",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-03-01T16:39:00.281Z",
        "orgId": "9119a7d8-5eab-497f-8521-727c672e3725",
        "shortName": "cisa-cg"
      },
      "references": [
        {
          "url": "https://ftp.openbsd.org/pub/OpenBSD/patches/7.4/common/002_msplit.patch.sig"
        },
        {
          "url": "https://ftp.openbsd.org/pub/OpenBSD/patches/7.3/common/019_msplit.patch.sig"
        },
        {
          "url": "https://github.com/openbsd/src/commit/7b4d35e0a60ba1dd4daf4b1c2932020a22463a89"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "OpenBSD 7.4 and 7.3 m_split() network buffer kernel crash",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9119a7d8-5eab-497f-8521-727c672e3725",
    "assignerShortName": "cisa-cg",
    "cveId": "CVE-2023-52558",
    "datePublished": "2024-03-01T16:33:06.604Z",
    "dateReserved": "2024-03-01T16:04:51.307Z",
    "dateUpdated": "2024-11-19T21:42:52.858Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-52557 (GCVE-0-2023-52557)

Vulnerability from cvelistv5 – Published: 2024-03-01 16:14 – Updated: 2024-08-02 23:03
VLAI
Title
OpenBSD 7.3 invalid l2tp message npppd crash
Summary
In OpenBSD 7.3 before errata 016, npppd(8) could crash by a l2tp message which has an AVP (Attribute-Value Pair) with wrong length.
SSVC
Exploitation: none Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-131 - Incorrect Calculation of Buffer Size
  • CWE-805 - Buffer Access with Incorrect Length Value
Assigner
Impacted products
Vendor Product Version
OpenBSD OpenBSD Affected: 7.3 , < 7.3 errata 016 (custom)
Create a notification for this product.
openbsd openbsd Affected: 7.3 , < 7.3_errata_016 (custom)
    cpe:2.3:o:openbsd:openbsd:7.3:*:*:*:*:*:*:*
Create a notification for this product.
Date Public
2023-09-21 00:00
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:openbsd:openbsd:7.3:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "openbsd",
            "vendor": "openbsd",
            "versions": [
              {
                "lessThan": "7.3_errata_016",
                "status": "affected",
                "version": "7.3",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 7.5,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-52557",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-03-01T20:52:55.807478Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-805",
                "description": "CWE-805 Buffer Access with Incorrect Length Value",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-26T15:58:46.140Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:03:20.647Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://ftp.openbsd.org/pub/OpenBSD/patches/7.3/common/016_npppd.patch.sig"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/openbsd/src/commit/abf3a29384c582c807a621e7fc6e7c68d0cafe9b"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "OpenBSD",
          "repo": "https://github.com/openbsd/src/",
          "vendor": "OpenBSD",
          "versions": [
            {
              "lessThan": "7.3 errata 016",
              "status": "affected",
              "version": "7.3",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2023-09-21T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eIn OpenBSD 7.3 before errata 016, npppd(8) could crash by a l2tp message which has an AVP (Attribute-Value Pair) with wrong length.\u003c/span\u003e\u003cbr\u003e"
            }
          ],
          "value": "In OpenBSD 7.3 before errata 016, npppd(8) could crash by a l2tp message which has an AVP (Attribute-Value Pair) with wrong length.\n"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-131",
              "description": "CWE-131 Incorrect Calculation of Buffer Size",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-03-01T16:26:42.158Z",
        "orgId": "9119a7d8-5eab-497f-8521-727c672e3725",
        "shortName": "cisa-cg"
      },
      "references": [
        {
          "url": "https://ftp.openbsd.org/pub/OpenBSD/patches/7.3/common/016_npppd.patch.sig"
        },
        {
          "url": "https://github.com/openbsd/src/commit/abf3a29384c582c807a621e7fc6e7c68d0cafe9b"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "OpenBSD 7.3 invalid l2tp message npppd crash",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9119a7d8-5eab-497f-8521-727c672e3725",
    "assignerShortName": "cisa-cg",
    "cveId": "CVE-2023-52557",
    "datePublished": "2024-03-01T16:14:56.065Z",
    "dateReserved": "2024-03-01T16:04:51.307Z",
    "dateUpdated": "2024-08-02T23:03:20.647Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-50736 (GCVE-0-2023-50736)

Vulnerability from cvelistv5 – Published: 2024-02-28 02:37 – Updated: 2024-08-23 14:56
VLAI
Title
A vulnerability has been identified in the PostScript interpreter in various Lexmark devices.
Summary
A memory corruption vulnerability has been identified in PostScript interpreter in various Lexmark devices. The vulnerability can be leveraged by an attacker to execute arbitrary code.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
References
Impacted products
Vendor Product Version
Lexmark various Affected: various
Create a notification for this product.
lexmark cxtpc_firmware Affected: 0 , ≤ 230.041 (custom)
Affected: 230.075 , ≤ 230.078 (custom)
Affected: 230.200 , ≤ 230.203 (custom)
    cpe:2.3:o:lexmark:cxtpc_firmware:*:*:*:*:*:*:*:*
Create a notification for this product.
lexmark cstpc_firmware Affected: 0 , ≤ 230.041 (custom)
Affected: 230.075 , ≤ 230.078 (custom)
Affected: 230.200 , ≤ 230.203 (custom)
    cpe:2.3:o:lexmark:cstpc_firmware:*:*:*:*:*:*:*:*
Create a notification for this product.
lexmark mxtct_firmware Affected: 0 , ≤ 230.041 (custom)
Affected: 230.075 , ≤ 230.078 (custom)
Affected: 230.200 , ≤ 230.203 (custom)
    cpe:2.3:o:lexmark:mxtct_firmware:*:*:*:*:*:*:*:*
Create a notification for this product.
lexmark mxtpm_firmware Affected: 0 , ≤ 230.041 (custom)
Affected: 230.075 , ≤ 230.078 (custom)
Affected: 230.200 , ≤ 230.203 (custom)
    cpe:2.3:o:lexmark:mxtpm_firmware:*:*:*:*:*:*:*:*
Create a notification for this product.
lexmark cxtmm_firmware Affected: 0 , ≤ 230.041 (custom)
Affected: 230.075 , ≤ 230.078 (custom)
Affected: 230.200 , ≤ 230.203 (custom)
    cpe:2.3:o:lexmark:cxtmm_firmware:*:*:*:*:*:*:*:*
Create a notification for this product.
lexmark mslsg_firmware Affected: 0 , ≤ 230.041 (custom)
Affected: 230.075 , ≤ 230.078 (custom)
Affected: 230.200 , ≤ 230.203 (custom)
    cpe:2.3:o:lexmark:mslsg_firmware:*:*:*:*:*:*:*:*
Create a notification for this product.
lexmark mxlsg_firmware Affected: 0 , ≤ 230.041 (custom)
Affected: 230.075 , ≤ 230.078 (custom)
Affected: 230.200 , ≤ 230.203 (custom)
    cpe:2.3:o:lexmark:mxlsg_firmware:*:*:*:*:*:*:*:*
Create a notification for this product.
lexmark mslbd_firmware Affected: 0 , ≤ 230.041 (custom)
Affected: 230.075 , ≤ 230.078 (custom)
Affected: 230.200 , ≤ 230.203 (custom)
    cpe:2.3:o:lexmark:mslbd_firmware:*:*:*:*:*:*:*:*
Create a notification for this product.
lexmark mxlbd_firmware Affected: 0 , ≤ 230.041 (custom)
Affected: 230.075 , ≤ 230.078 (custom)
Affected: 230.200 , ≤ 230.203 (custom)
    cpe:2.3:o:lexmark:mxlbd_firmware:*:*:*:*:*:*:*:*
Create a notification for this product.
lexmark msngm_firmware Affected: 0 , ≤ 230.041 (custom)
Affected: 230.075 , ≤ 230.078 (custom)
Affected: 230.200 , ≤ 230.203 (custom)
    cpe:2.3:o:lexmark:msngm_firmware:*:*:*:*:*:*:*:*
Create a notification for this product.
lexmark cs310 Affected: 0 , ≤ lw80.vyl.p249 (custom)
    cpe:2.3:h:lexmark:cs317:-:*:*:*:*:*:*:*
    cpe:2.3:h:lexmark:cs310:-:*:*:*:*:*:*:*
Create a notification for this product.
lexmark mstgm_firmware Affected: 0 , ≤ 230.041 (custom)
Affected: 230.075 , ≤ 230.078 (custom)
Affected: 230.200 , ≤ 230.203 (custom)
    cpe:2.3:o:lexmark:mstgm_firmware:*:*:*:*:*:*:*:*
Create a notification for this product.
lexmark mxngm_firmware Affected: 0 , ≤ 230.041 (custom)
Affected: 230.075 , ≤ 230.078 (custom)
Affected: 230.200 , ≤ 230.203 (custom)
    cpe:2.3:o:lexmark:mxngm_firmware:*:*:*:*:*:*:*:*
Create a notification for this product.
lexmark ms315 Affected: 0 , ≤ lw90.tl2.p205 (custom)
    cpe:2.3:h:lexmark:ms417:-:*:*:*:*:*:*:*
    cpe:2.3:h:lexmark:ms415:-:*:*:*:*:*:*:*
    cpe:2.3:h:lexmark:ms315:-:*:*:*:*:*:*:*
Create a notification for this product.
lexmark ms610dn Affected: 0 , ≤ lw90.pr2.p205 (custom)
    cpe:2.3:h:lexmark:m3150dn:-:*:*:*:*:*:*:*
    cpe:2.3:h:lexmark:m1145:-:*:*:*:*:*:*:*
    cpe:2.3:h:lexmark:m1140\+:-:*:*:*:*:*:*:*
    cpe:2.3:h:lexmark:ms617:-:*:*:*:*:*:*:*
    cpe:2.3:h:lexmark:ms517:-:*:*:*:*:*:*:*
    cpe:2.3:h:lexmark:ms510:-:*:*:*:*:*:*:*
    cpe:2.3:h:lexmark:ms610dn:-:*:*:*:*:*:*:*
Create a notification for this product.
lexmark mxtgm_firmware Affected: 0 , ≤ 230.041 (custom)
Affected: 230.075 , ≤ 230.078 (custom)
Affected: 230.200 , ≤ 230.203 (custom)
    cpe:2.3:o:lexmark:mxtgm_firmware:*:*:*:*:*:*:*:*
Create a notification for this product.
lexmark msngw_firmware Affected: 0 , ≤ 230.041 (custom)
Affected: 230.075 , ≤ 230.078 (custom)
Affected: 230.200 , ≤ 230.203 (custom)
    cpe:2.3:o:lexmark:msngw_firmware:*:*:*:*:*:*:*:*
Create a notification for this product.
lexmark mstgw_firmware Affected: 0 , ≤ 230.041 (custom)
Affected: 230.075 , ≤ 230.078 (custom)
Affected: 230.200 , ≤ 230.203 (custom)
    cpe:2.3:o:lexmark:mstgw_firmware:*:*:*:*:*:*:*:*
Create a notification for this product.
lexmark mxtgw_firmware Affected: 0 , ≤ 230.041 (custom)
Affected: 230.075 , ≤ 230.078 (custom)
Affected: 230.200 , ≤ 230.203 (custom)
    cpe:2.3:o:lexmark:mxtgw_firmware:*:*:*:*:*:*:*:*
Create a notification for this product.
lexmark cslbn_firmware Affected: 0 , ≤ 230.041 (custom)
Affected: 230.075 , ≤ 230.078 (custom)
Affected: 230.200 , ≤ 230.203 (custom)
    cpe:2.3:o:lexmark:cslbn_firmware:*:*:*:*:*:*:*:*
Create a notification for this product.
lexmark cslbl_firmware Affected: 0 , ≤ 230.041 (custom)
Affected: 230.075 , ≤ 230.078 (custom)
Affected: 230.200 , ≤ 230.203 (custom)
    cpe:2.3:o:lexmark:cslbl_firmware:*:*:*:*:*:*:*:*
Create a notification for this product.
lexmark cxlbn_firmware Affected: 0 , ≤ 230.041 (custom)
Affected: 230.075 , ≤ 230.078 (custom)
Affected: 230.200 , ≤ 230.203 (custom)
    cpe:2.3:o:lexmark:cxlbn_firmware:*:*:*:*:*:*:*:*
Create a notification for this product.
lexmark cxlbl_firmware Affected: 0 , ≤ 230.041 (custom)
Affected: 230.075 , ≤ 230.078 (custom)
Affected: 230.200 , ≤ 230.203 (custom)
    cpe:2.3:o:lexmark:cxlbl_firmware:*:*:*:*:*:*:*:*
Create a notification for this product.
lexmark cstzj_firmware Affected: 0 , ≤ 230.041 (custom)
Affected: 230.075 , ≤ 230.078 (custom)
Affected: 230.200 , ≤ 230.203 (custom)
    cpe:2.3:o:lexmark:cstzj_firmware:*:*:*:*:*:*:*:*
Create a notification for this product.
lexmark csnzj_firmware Affected: 0 , ≤ 230.041 (custom)
Affected: 230.075 , ≤ 230.078 (custom)
Affected: 230.200 , ≤ 230.203 (custom)
    cpe:2.3:o:lexmark:csnzj_firmware:*:*:*:*:*:*:*:*
Create a notification for this product.
lexmark cxtzj_firmware Affected: 0 , ≤ 230.041 (custom)
Affected: 230.075 , ≤ 230.078 (custom)
Affected: 230.200 , ≤ 230.203 (custom)
    cpe:2.3:o:lexmark:cxtzj_firmware:*:*:*:*:*:*:*:*
Create a notification for this product.
lexmark cxnzj_firmware Affected: 0 , ≤ 230.041 (custom)
Affected: 230.075 , ≤ 230.078 (custom)
Affected: 230.200 , ≤ 230.203 (custom)
    cpe:2.3:o:lexmark:cxnzj_firmware:*:*:*:*:*:*:*:*
Create a notification for this product.
lexmark cxtpp_firmware Affected: 0 , ≤ 230.041 (custom)
Affected: 230.075 , ≤ 230.078 (custom)
Affected: 230.200 , ≤ 230.203 (custom)
    cpe:2.3:o:lexmark:cxtpp_firmware:*:*:*:*:*:*:*:*
Create a notification for this product.
lexmark cstpp_firmware Affected: 0 , ≤ 230.041 (custom)
Affected: 230.075 , ≤ 230.078 (custom)
Affected: 230.200 , ≤ 230.203 (custom)
    cpe:2.3:o:lexmark:cstpp_firmware:*:*:*:*:*:*:*:*
Create a notification for this product.
lexmark cstat_firmware Affected: 0 , ≤ 230.041 (custom)
Affected: 230.075 , ≤ 230.078 (custom)
Affected: 230.200 , ≤ 230.203 (custom)
    cpe:2.3:o:lexmark:cstat_firmware:*:*:*:*:*:*:*:*
Create a notification for this product.
lexmark cxtat_firmware Affected: 0 , ≤ 230.041 (custom)
Affected: 230.075 , ≤ 230.078 (custom)
Affected: 230.200 , ≤ 230.203 (custom)
    cpe:2.3:o:lexmark:cxtat_firmware:*:*:*:*:*:*:*:*
Create a notification for this product.
lexmark cstmh_firmware Affected: 0 , ≤ 230.041 (custom)
Affected: 230.075 , ≤ 230.078 (custom)
Affected: 230.200 , ≤ 230.203 (custom)
    cpe:2.3:o:lexmark:cstmh_firmware:*:*:*:*:*:*:*:*
Create a notification for this product.
lexmark cxtmh_firmware Affected: 0 , ≤ 230.041 (custom)
Affected: 230.075 , ≤ 230.078 (custom)
Affected: 230.200 , ≤ 230.203 (custom)
    cpe:2.3:o:lexmark:cxtmh_firmware:*:*:*:*:*:*:*:*
Create a notification for this product.
lexmark msnsn_firmware Affected: 0 , ≤ 222.030 (custom)
Affected: 230.001 , ≤ 230.041 (custom)
Affected: 230.075 , ≤ 230.078 (custom)
Affected: 230.200 , ≤ 230.203 (custom)
    cpe:2.3:o:lexmark:msnsn_firmware:*:*:*:*:*:*:*:*
Create a notification for this product.
lexmark mstsn_firmware Affected: 0 , ≤ 222.030 (custom)
Affected: 230.001 , ≤ 230.041 (custom)
Affected: 230.075 , ≤ 230.078 (custom)
Affected: 230.200 , ≤ 230.203 (custom)
    cpe:2.3:o:lexmark:mstsn_firmware:*:*:*:*:*:*:*:*
Create a notification for this product.
lexmark mxtsn_firmware Affected: 0 , ≤ 222.030 (custom)
Affected: 230.001 , ≤ 230.041 (custom)
Affected: 230.075 , ≤ 230.078 (custom)
Affected: 230.200 , ≤ 230.203 (custom)
    cpe:2.3:o:lexmark:mxtsn_firmware:*:*:*:*:*:*:*:*
Create a notification for this product.
lexmark csngv_firmware Affected: 0 , ≤ 222.030 (custom)
Affected: 230.001 , ≤ 230.041 (custom)
Affected: 230.075 , ≤ 230.078 (custom)
Affected: 230.200 , ≤ 230.203 (custom)
    cpe:2.3:o:lexmark:csngv_firmware:*:*:*:*:*:*:*:*
Create a notification for this product.
lexmark cs410 Affected: 0 , ≤ lw80.vy2.p249 (custom)
    cpe:2.3:h:lexmark:cs417:-:*:*:*:*:*:*:*
    cpe:2.3:h:lexmark:cs410:-:*:*:*:*:*:*:*
Create a notification for this product.
lexmark cstgv_firmware Affected: 0 , ≤ 222.030 (custom)
Affected: 230.001 , ≤ 230.041 (custom)
Affected: 230.075 , ≤ 230.078 (custom)
Affected: 230.200 , ≤ 230.203 (custom)
    cpe:2.3:o:lexmark:cstgv_firmware:*:*:*:*:*:*:*:*
Create a notification for this product.
lexmark cxtgv_firmware Affected: 0 , ≤ 222.030 (custom)
Affected: 230.001 , ≤ 230.041 (custom)
Affected: 230.075 , ≤ 230.078 (custom)
Affected: 230.200 , ≤ 230.203 (custom)
    cpe:2.3:o:lexmark:cxtgv_firmware:*:*:*:*:*:*:*:*
Create a notification for this product.
lexmark ms610de Affected: 0 , ≤ lw90.pr4.p205 (custom)
    cpe:2.3:h:lexmark:m3150de:-:*:*:*:*:*:*:*
    cpe:2.3:h:lexmark:ms610de:-:*:*:*:*:*:*:*
Create a notification for this product.
lexmark mx410 Affected: 0 , ≤ lw90.sb4.p205 (custom)
    cpe:2.3:h:lexmark:xm1145:-:*:*:*:*:*:*:*
    cpe:2.3:h:lexmark:xm1140:-:*:*:*:*:*:*:*
    cpe:2.3:h:lexmark:mx517:-:*:*:*:*:*:*:*
    cpe:2.3:h:lexmark:mx511:-:*:*:*:*:*:*:*
    cpe:2.3:h:lexmark:mx510:-:*:*:*:*:*:*:*
    cpe:2.3:h:lexmark:mx417:-:*:*:*:*:*:*:*
    cpe:2.3:h:lexmark:mx410:-:*:*:*:*:*:*:*
Create a notification for this product.
lexmark mx610 Affected: 0 , ≤ lw90.sb7.p205 (custom)
    cpe:2.3:h:lexmark:xm3150:-:*:*:*:*:*:*:*
    cpe:2.3:h:lexmark:mx617:-:*:*:*:*:*:*:*
    cpe:2.3:h:lexmark:mx611:-:*:*:*:*:*:*:*
    cpe:2.3:h:lexmark:mx610:-:*:*:*:*:*:*:*
Create a notification for this product.
lexmark ms711 Affected: 0 , ≤ lw90.dn2.p205 (custom)
    cpe:2.3:h:lexmark:m5163dn:-:*:*:*:*:*:*:*
    cpe:2.3:h:lexmark:ms818:-:*:*:*:*:*:*:*
    cpe:2.3:h:lexmark:ms817:-:*:*:*:*:*:*:*
    cpe:2.3:h:lexmark:ms812dn:-:*:*:*:*:*:*:*
    cpe:2.3:h:lexmark:ms811:-:*:*:*:*:*:*:*
    cpe:2.3:h:lexmark:ms810dn:-:*:*:*:*:*:*:*
    cpe:2.3:h:lexmark:ms710:-:*:*:*:*:*:*:*
    cpe:2.3:h:lexmark:ms711:-:*:*:*:*:*:*:*
Create a notification for this product.
lexmark ms810de Affected: 0 , ≤ lw90.dn4.p205 (custom)
    cpe:2.3:h:lexmark:m5163de:-:*:*:*:*:*:*:*
    cpe:2.3:h:lexmark:m5155:-:*:*:*:*:*:*:*
    cpe:2.3:h:lexmark:ms810de:-:*:*:*:*:*:*:*
Create a notification for this product.
lexmark ms812de Affected: 0 , ≤ lw90.dn7.p205 (custom)
    cpe:2.3:h:lexmark:m5170:-:*:*:*:*:*:*:*
    cpe:2.3:h:lexmark:ms812de:-:*:*:*:*:*:*:*
Create a notification for this product.
lexmark mx710 Affected: 0 , ≤ lw90.tu.p205 (custom)
    cpe:2.3:h:lexmark:xm7270:-:*:*:*:*:*:*:*
    cpe:2.3:h:lexmark:xm7263:-:*:*:*:*:*:*:*
    cpe:2.3:h:lexmark:xm7170:-:*:*:*:*:*:*:*
    cpe:2.3:h:lexmark:xm7163:-:*:*:*:*:*:*:*
    cpe:2.3:h:lexmark:xm7155:-:*:*:*:*:*:*:*
    cpe:2.3:h:lexmark:xm5270:-:*:*:*:*:*:*:*
    cpe:2.3:h:lexmark:xm5263:-:*:*:*:*:*:*:*
    cpe:2.3:h:lexmark:xm5170:-:*:*:*:*:*:*:*
    cpe:2.3:h:lexmark:xm5163:-:*:*:*:*:*:*:*
    cpe:2.3:h:lexmark:mx812:-:*:*:*:*:*:*:*
    cpe:2.3:h:lexmark:mx811:-:*:*:*:*:*:*:*
    cpe:2.3:h:lexmark:mx810:-:*:*:*:*:*:*:*
    cpe:2.3:h:lexmark:mx718:-:*:*:*:*:*:*:*
    cpe:2.3:h:lexmark:mx717:-:*:*:*:*:*:*:*
    cpe:2.3:h:lexmark:mx711:-:*:*:*:*:*:*:*
    cpe:2.3:h:lexmark:mx710:-:*:*:*:*:*:*:*
Create a notification for this product.
lexmark ms911 Affected: 0 , ≤ lw90.sa.p205 (custom)
    cpe:2.3:h:lexmark:ms911:-:*:*:*:*:*:*:*
Create a notification for this product.
lexmark mx910 Affected: 0 , ≤ lw90.mg.p205 (custom)
    cpe:2.3:h:lexmark:xm9165:-:*:*:*:*:*:*:*
    cpe:2.3:h:lexmark:xm9155:-:*:*:*:*:*:*:*
    cpe:2.3:h:lexmark:xm9145:-:*:*:*:*:*:*:*
    cpe:2.3:h:lexmark:mx912:-:*:*:*:*:*:*:*
    cpe:2.3:h:lexmark:mx911:-:*:*:*:*:*:*:*
    cpe:2.3:h:lexmark:mx910:-:*:*:*:*:*:*:*
Create a notification for this product.
lexmark mx6500e Affected: 0 , ≤ lw90.jd.p205 (custom)
    cpe:2.3:h:lexmark:mx6500e:-:*:*:*:*:*:*:*
Create a notification for this product.
lexmark cs510 Affected: 0 , ≤ lw90.vy4.p205 (custom)
    cpe:2.3:h:lexmark:c2132:-:*:*:*:*:*:*:*
    cpe:2.3:h:lexmark:cs517:-:*:*:*:*:*:*:*
    cpe:2.3:h:lexmark:cs510:-:*:*:*:*:*:*:*
Create a notification for this product.
lexmark cx410 Affected: 0 , ≤ lw90.gm4.p205 (custom)
    cpe:2.3:h:lexmark:xc2130:-:*:*:*:*:*:*:*
    cpe:2.3:h:lexmark:cx417:-:*:*:*:*:*:*:*
    cpe:2.3:h:lexmark:cx410:-:*:*:*:*:*:*:*
Create a notification for this product.
lexmark cx510 Affected: 0 , ≤ lw90.gm7.p205 (custom)
    cpe:2.3:h:lexmark:xc2132:-:*:*:*:*:*:*:*
    cpe:2.3:h:lexmark:cx517:-:*:*:*:*:*:*:*
    cpe:2.3:h:lexmark:cx510:-:*:*:*:*:*:*:*
Create a notification for this product.
lexmark ms310 Affected: 0 , ≤ lw80.prl.p249 (custom)
    cpe:2.3:h:lexmark:m1140:-:*:*:*:*:*:*:*
    cpe:2.3:h:lexmark:ms410:-:*:*:*:*:*:*:*
    cpe:2.3:h:lexmark:ms317:-:*:*:*:*:*:*:*
    cpe:2.3:h:lexmark:ms312:-:*:*:*:*:*:*:*
    cpe:2.3:h:lexmark:ms310:-:*:*:*:*:*:*:*
Create a notification for this product.
lexmark mx310 Affected: 0 , ≤ lw80.sb2.p249 (custom)
    cpe:2.3:h:lexmark:xm1135:-:*:*:*:*:*:*:*
    cpe:2.3:h:lexmark:mx317:-:*:*:*:*:*:*:*
    cpe:2.3:h:lexmark:mx310:-:*:*:*:*:*:*:*
Create a notification for this product.
lexmark cx310 Affected: 0 , ≤ lw80.gm2.p249 (custom)
    cpe:2.3:h:lexmark:cx317:-:*:*:*:*:*:*:*
    cpe:2.3:h:lexmark:cx310:-:*:*:*:*:*:*:*
Create a notification for this product.
lexmark c746 Affected: 0 , ≤ lhs60.cm2.p763 (custom)
    cpe:2.3:h:lexmark:c746:-:*:*:*:*:*:*:*
Create a notification for this product.
lexmark c748 Affected: 0 , ≤ lhs60.cm4.p763 (custom)
    cpe:2.3:h:lexmark:cs748:-:*:*:*:*:*:*:*
    cpe:2.3:h:lexmark:c748:-:*:*:*:*:*:*:*
Create a notification for this product.
lexmark c792 Affected: 0 , ≤ lhs60.hc.p763 (custom)
    cpe:2.3:h:lexmark:cs796:-:*:*:*:*:*:*:*
    cpe:2.3:h:lexmark:c792:-:*:*:*:*:*:*:*
Create a notification for this product.
lexmark c925 Affected: 0 , ≤ lhs60.hv.p763 (custom)
    cpe:2.3:h:lexmark:c925:-:*:*:*:*:*:*:*
Create a notification for this product.
lexmark c950 Affected: 0 , ≤ lhs60.tp.p763 (custom)
    cpe:2.3:h:lexmark:c950:-:*:*:*:*:*:*:*
Create a notification for this product.
lexmark x548 Affected: 0 , ≤ lhs60.vk.p763 (custom)
    cpe:2.3:h:lexmark:xs548:-:*:*:*:*:*:*:*
    cpe:2.3:h:lexmark:x548:-:*:*:*:*:*:*:*
Create a notification for this product.
lexmark x746 Affected: 0 , ≤ lhs60.ny.p763 (custom)
    cpe:2.3:h:lexmark:xs748:-:*:*:*:*:*:*:*
    cpe:2.3:h:lexmark:x748:-:*:*:*:*:*:*:*
    cpe:2.3:h:lexmark:x746:-:*:*:*:*:*:*:*
Create a notification for this product.
lexmark x792 Affected: 0 , ≤ lhs60.mr.p763 (custom)
    cpe:2.3:h:lexmark:xs798:-:*:*:*:*:*:*:*
    cpe:2.3:h:lexmark:xs796:-:*:*:*:*:*:*:*
    cpe:2.3:h:lexmark:xs795:-:*:*:*:*:*:*:*
    cpe:2.3:h:lexmark:x792:-:*:*:*:*:*:*:*
Create a notification for this product.
lexmark x925 Affected: 0 , ≤ lhs60.hk.p763 (custom)
    cpe:2.3:h:lexmark:xs925:-:*:*:*:*:*:*:*
    cpe:2.3:h:lexmark:x925:-:*:*:*:*:*:*:*
Create a notification for this product.
lexmark x950 Affected: 0 , ≤ lhs60.tq.p763 (custom)
    cpe:2.3:h:lexmark:xs955:-:*:*:*:*:*:*:*
    cpe:2.3:h:lexmark:xs950:-:*:*:*:*:*:*:*
    cpe:2.3:h:lexmark:x954:-:*:*:*:*:*:*:*
    cpe:2.3:h:lexmark:x952:-:*:*:*:*:*:*:*
    cpe:2.3:h:lexmark:x950:-:*:*:*:*:*:*:*
Create a notification for this product.
lexmark 6500e Affected: 0 , ≤ lhs60.jr.p763 (custom)
    cpe:2.3:h:lexmark:6500e:-:*:*:*:*:*:*:*
Create a notification for this product.
Date Public
2024-01-19 05:00
Credits
Chris Anastasio working with Trend Micro’s Zero Day Initiative (ZDI)
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T22:16:47.298Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.lexmark.com/en_us/solutions/security/lexmark-security-advisories.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:lexmark:cxtpc_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "cxtpc_firmware",
            "vendor": "lexmark",
            "versions": [
              {
                "lessThanOrEqual": "230.041",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "230.078",
                "status": "affected",
                "version": "230.075",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "230.203",
                "status": "affected",
                "version": "230.200",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:lexmark:cstpc_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "cstpc_firmware",
            "vendor": "lexmark",
            "versions": [
              {
                "lessThanOrEqual": "230.041",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "230.078",
                "status": "affected",
                "version": "230.075",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "230.203",
                "status": "affected",
                "version": "230.200",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:lexmark:mxtct_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "mxtct_firmware",
            "vendor": "lexmark",
            "versions": [
              {
                "lessThanOrEqual": "230.041",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "230.078",
                "status": "affected",
                "version": "230.075",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "230.203",
                "status": "affected",
                "version": "230.200",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:lexmark:mxtpm_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "mxtpm_firmware",
            "vendor": "lexmark",
            "versions": [
              {
                "lessThanOrEqual": "230.041",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "230.078",
                "status": "affected",
                "version": "230.075",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "230.203",
                "status": "affected",
                "version": "230.200",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:lexmark:cxtmm_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "cxtmm_firmware",
            "vendor": "lexmark",
            "versions": [
              {
                "lessThanOrEqual": "230.041",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "230.078",
                "status": "affected",
                "version": "230.075",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "230.203",
                "status": "affected",
                "version": "230.200",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:lexmark:mslsg_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "mslsg_firmware",
            "vendor": "lexmark",
            "versions": [
              {
                "lessThanOrEqual": "230.041",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "230.078",
                "status": "affected",
                "version": "230.075",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "230.203",
                "status": "affected",
                "version": "230.200",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:lexmark:mxlsg_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "mxlsg_firmware",
            "vendor": "lexmark",
            "versions": [
              {
                "lessThanOrEqual": "230.041",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "230.078",
                "status": "affected",
                "version": "230.075",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "230.203",
                "status": "affected",
                "version": "230.200",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:lexmark:mslbd_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "mslbd_firmware",
            "vendor": "lexmark",
            "versions": [
              {
                "lessThanOrEqual": "230.041",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "230.078",
                "status": "affected",
                "version": "230.075",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "230.203",
                "status": "affected",
                "version": "230.200",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:lexmark:mxlbd_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "mxlbd_firmware",
            "vendor": "lexmark",
            "versions": [
              {
                "lessThanOrEqual": "230.041",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "230.078",
                "status": "affected",
                "version": "230.075",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "230.203",
                "status": "affected",
                "version": "230.200",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:lexmark:msngm_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "msngm_firmware",
            "vendor": "lexmark",
            "versions": [
              {
                "lessThanOrEqual": "230.041",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "230.078",
                "status": "affected",
                "version": "230.075",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "230.203",
                "status": "affected",
                "version": "230.200",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:lexmark:cs317:-:*:*:*:*:*:*:*",
              "cpe:2.3:h:lexmark:cs310:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "cs310",
            "vendor": "lexmark",
            "versions": [
              {
                "lessThanOrEqual": "lw80.vyl.p249",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:lexmark:mstgm_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "mstgm_firmware",
            "vendor": "lexmark",
            "versions": [
              {
                "lessThanOrEqual": "230.041",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "230.078",
                "status": "affected",
                "version": "230.075",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "230.203",
                "status": "affected",
                "version": "230.200",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:lexmark:mxngm_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "mxngm_firmware",
            "vendor": "lexmark",
            "versions": [
              {
                "lessThanOrEqual": "230.041",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "230.078",
                "status": "affected",
                "version": "230.075",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "230.203",
                "status": "affected",
                "version": "230.200",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:lexmark:ms417:-:*:*:*:*:*:*:*",
              "cpe:2.3:h:lexmark:ms415:-:*:*:*:*:*:*:*",
              "cpe:2.3:h:lexmark:ms315:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "ms315",
            "vendor": "lexmark",
            "versions": [
              {
                "lessThanOrEqual": "lw90.tl2.p205",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:lexmark:m3150dn:-:*:*:*:*:*:*:*",
              "cpe:2.3:h:lexmark:m1145:-:*:*:*:*:*:*:*",
              "cpe:2.3:h:lexmark:m1140\\+:-:*:*:*:*:*:*:*",
              "cpe:2.3:h:lexmark:ms617:-:*:*:*:*:*:*:*",
              "cpe:2.3:h:lexmark:ms517:-:*:*:*:*:*:*:*",
              "cpe:2.3:h:lexmark:ms510:-:*:*:*:*:*:*:*",
              "cpe:2.3:h:lexmark:ms610dn:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "ms610dn",
            "vendor": "lexmark",
            "versions": [
              {
                "lessThanOrEqual": "lw90.pr2.p205",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:lexmark:mxtgm_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "mxtgm_firmware",
            "vendor": "lexmark",
            "versions": [
              {
                "lessThanOrEqual": "230.041",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "230.078",
                "status": "affected",
                "version": "230.075",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "230.203",
                "status": "affected",
                "version": "230.200",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:lexmark:msngw_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "msngw_firmware",
            "vendor": "lexmark",
            "versions": [
              {
                "lessThanOrEqual": "230.041",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "230.078",
                "status": "affected",
                "version": "230.075",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "230.203",
                "status": "affected",
                "version": "230.200",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:lexmark:mstgw_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "mstgw_firmware",
            "vendor": "lexmark",
            "versions": [
              {
                "lessThanOrEqual": "230.041",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "230.078",
                "status": "affected",
                "version": "230.075",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "230.203",
                "status": "affected",
                "version": "230.200",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:lexmark:mxtgw_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "mxtgw_firmware",
            "vendor": "lexmark",
            "versions": [
              {
                "lessThanOrEqual": "230.041",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "230.078",
                "status": "affected",
                "version": "230.075",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "230.203",
                "status": "affected",
                "version": "230.200",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:lexmark:cslbn_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "cslbn_firmware",
            "vendor": "lexmark",
            "versions": [
              {
                "lessThanOrEqual": "230.041",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "230.078",
                "status": "affected",
                "version": "230.075",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "230.203",
                "status": "affected",
                "version": "230.200",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:lexmark:cslbl_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "cslbl_firmware",
            "vendor": "lexmark",
            "versions": [
              {
                "lessThanOrEqual": "230.041",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "230.078",
                "status": "affected",
                "version": "230.075",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "230.203",
                "status": "affected",
                "version": "230.200",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:lexmark:cxlbn_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "cxlbn_firmware",
            "vendor": "lexmark",
            "versions": [
              {
                "lessThanOrEqual": "230.041",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "230.078",
                "status": "affected",
                "version": "230.075",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "230.203",
                "status": "affected",
                "version": "230.200",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:lexmark:cxlbl_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "cxlbl_firmware",
            "vendor": "lexmark",
            "versions": [
              {
                "lessThanOrEqual": "230.041",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "230.078",
                "status": "affected",
                "version": "230.075",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "230.203",
                "status": "affected",
                "version": "230.200",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:lexmark:cstzj_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "cstzj_firmware",
            "vendor": "lexmark",
            "versions": [
              {
                "lessThanOrEqual": "230.041",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "230.078",
                "status": "affected",
                "version": "230.075",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "230.203",
                "status": "affected",
                "version": "230.200",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:lexmark:csnzj_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "csnzj_firmware",
            "vendor": "lexmark",
            "versions": [
              {
                "lessThanOrEqual": "230.041",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "230.078",
                "status": "affected",
                "version": "230.075",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "230.203",
                "status": "affected",
                "version": "230.200",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:lexmark:cxtzj_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "cxtzj_firmware",
            "vendor": "lexmark",
            "versions": [
              {
                "lessThanOrEqual": "230.041",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "230.078",
                "status": "affected",
                "version": "230.075",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "230.203",
                "status": "affected",
                "version": "230.200",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:lexmark:cxnzj_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "cxnzj_firmware",
            "vendor": "lexmark",
            "versions": [
              {
                "lessThanOrEqual": "230.041",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "230.078",
                "status": "affected",
                "version": "230.075",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "230.203",
                "status": "affected",
                "version": "230.200",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:lexmark:cxtpp_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "cxtpp_firmware",
            "vendor": "lexmark",
            "versions": [
              {
                "lessThanOrEqual": "230.041",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "230.078",
                "status": "affected",
                "version": "230.075",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "230.203",
                "status": "affected",
                "version": "230.200",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:lexmark:cstpp_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "cstpp_firmware",
            "vendor": "lexmark",
            "versions": [
              {
                "lessThanOrEqual": "230.041",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "230.078",
                "status": "affected",
                "version": "230.075",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "230.203",
                "status": "affected",
                "version": "230.200",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:lexmark:cstat_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "cstat_firmware",
            "vendor": "lexmark",
            "versions": [
              {
                "lessThanOrEqual": "230.041",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "230.078",
                "status": "affected",
                "version": "230.075",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "230.203",
                "status": "affected",
                "version": "230.200",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:lexmark:cxtat_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "cxtat_firmware",
            "vendor": "lexmark",
            "versions": [
              {
                "lessThanOrEqual": "230.041",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "230.078",
                "status": "affected",
                "version": "230.075",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "230.203",
                "status": "affected",
                "version": "230.200",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:lexmark:cstmh_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "cstmh_firmware",
            "vendor": "lexmark",
            "versions": [
              {
                "lessThanOrEqual": "230.041",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "230.078",
                "status": "affected",
                "version": "230.075",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "230.203",
                "status": "affected",
                "version": "230.200",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:lexmark:cxtmh_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "cxtmh_firmware",
            "vendor": "lexmark",
            "versions": [
              {
                "lessThanOrEqual": "230.041",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "230.078",
                "status": "affected",
                "version": "230.075",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "230.203",
                "status": "affected",
                "version": "230.200",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:lexmark:msnsn_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "msnsn_firmware",
            "vendor": "lexmark",
            "versions": [
              {
                "lessThanOrEqual": "222.030",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "230.041",
                "status": "affected",
                "version": "230.001",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "230.078",
                "status": "affected",
                "version": "230.075",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "230.203",
                "status": "affected",
                "version": "230.200",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:lexmark:mstsn_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "mstsn_firmware",
            "vendor": "lexmark",
            "versions": [
              {
                "lessThanOrEqual": "222.030",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "230.041",
                "status": "affected",
                "version": "230.001",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "230.078",
                "status": "affected",
                "version": "230.075",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "230.203",
                "status": "affected",
                "version": "230.200",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:lexmark:mxtsn_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "mxtsn_firmware",
            "vendor": "lexmark",
            "versions": [
              {
                "lessThanOrEqual": "222.030",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "230.041",
                "status": "affected",
                "version": "230.001",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "230.078",
                "status": "affected",
                "version": "230.075",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "230.203",
                "status": "affected",
                "version": "230.200",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:lexmark:csngv_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "csngv_firmware",
            "vendor": "lexmark",
            "versions": [
              {
                "lessThanOrEqual": "222.030",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "230.041",
                "status": "affected",
                "version": "230.001",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "230.078",
                "status": "affected",
                "version": "230.075",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "230.203",
                "status": "affected",
                "version": "230.200",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:lexmark:cs417:-:*:*:*:*:*:*:*",
              "cpe:2.3:h:lexmark:cs410:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "cs410",
            "vendor": "lexmark",
            "versions": [
              {
                "lessThanOrEqual": "lw80.vy2.p249",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:lexmark:cstgv_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "cstgv_firmware",
            "vendor": "lexmark",
            "versions": [
              {
                "lessThanOrEqual": "222.030",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "230.041",
                "status": "affected",
                "version": "230.001",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "230.078",
                "status": "affected",
                "version": "230.075",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "230.203",
                "status": "affected",
                "version": "230.200",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:lexmark:cxtgv_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "cxtgv_firmware",
            "vendor": "lexmark",
            "versions": [
              {
                "lessThanOrEqual": "222.030",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "230.041",
                "status": "affected",
                "version": "230.001",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "230.078",
                "status": "affected",
                "version": "230.075",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "230.203",
                "status": "affected",
                "version": "230.200",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:lexmark:m3150de:-:*:*:*:*:*:*:*",
              "cpe:2.3:h:lexmark:ms610de:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "ms610de",
            "vendor": "lexmark",
            "versions": [
              {
                "lessThanOrEqual": "lw90.pr4.p205",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:lexmark:xm1145:-:*:*:*:*:*:*:*",
              "cpe:2.3:h:lexmark:xm1140:-:*:*:*:*:*:*:*",
              "cpe:2.3:h:lexmark:mx517:-:*:*:*:*:*:*:*",
              "cpe:2.3:h:lexmark:mx511:-:*:*:*:*:*:*:*",
              "cpe:2.3:h:lexmark:mx510:-:*:*:*:*:*:*:*",
              "cpe:2.3:h:lexmark:mx417:-:*:*:*:*:*:*:*",
              "cpe:2.3:h:lexmark:mx410:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "mx410",
            "vendor": "lexmark",
            "versions": [
              {
                "lessThanOrEqual": "lw90.sb4.p205",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:lexmark:xm3150:-:*:*:*:*:*:*:*",
              "cpe:2.3:h:lexmark:mx617:-:*:*:*:*:*:*:*",
              "cpe:2.3:h:lexmark:mx611:-:*:*:*:*:*:*:*",
              "cpe:2.3:h:lexmark:mx610:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "mx610",
            "vendor": "lexmark",
            "versions": [
              {
                "lessThanOrEqual": "lw90.sb7.p205",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:lexmark:m5163dn:-:*:*:*:*:*:*:*",
              "cpe:2.3:h:lexmark:ms818:-:*:*:*:*:*:*:*",
              "cpe:2.3:h:lexmark:ms817:-:*:*:*:*:*:*:*",
              "cpe:2.3:h:lexmark:ms812dn:-:*:*:*:*:*:*:*",
              "cpe:2.3:h:lexmark:ms811:-:*:*:*:*:*:*:*",
              "cpe:2.3:h:lexmark:ms810dn:-:*:*:*:*:*:*:*",
              "cpe:2.3:h:lexmark:ms710:-:*:*:*:*:*:*:*",
              "cpe:2.3:h:lexmark:ms711:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "ms711",
            "vendor": "lexmark",
            "versions": [
              {
                "lessThanOrEqual": "lw90.dn2.p205",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:lexmark:m5163de:-:*:*:*:*:*:*:*",
              "cpe:2.3:h:lexmark:m5155:-:*:*:*:*:*:*:*",
              "cpe:2.3:h:lexmark:ms810de:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "ms810de",
            "vendor": "lexmark",
            "versions": [
              {
                "lessThanOrEqual": "lw90.dn4.p205",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:lexmark:m5170:-:*:*:*:*:*:*:*",
              "cpe:2.3:h:lexmark:ms812de:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "ms812de",
            "vendor": "lexmark",
            "versions": [
              {
                "lessThanOrEqual": "lw90.dn7.p205",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:lexmark:xm7270:-:*:*:*:*:*:*:*",
              "cpe:2.3:h:lexmark:xm7263:-:*:*:*:*:*:*:*",
              "cpe:2.3:h:lexmark:xm7170:-:*:*:*:*:*:*:*",
              "cpe:2.3:h:lexmark:xm7163:-:*:*:*:*:*:*:*",
              "cpe:2.3:h:lexmark:xm7155:-:*:*:*:*:*:*:*",
              "cpe:2.3:h:lexmark:xm5270:-:*:*:*:*:*:*:*",
              "cpe:2.3:h:lexmark:xm5263:-:*:*:*:*:*:*:*",
              "cpe:2.3:h:lexmark:xm5170:-:*:*:*:*:*:*:*",
              "cpe:2.3:h:lexmark:xm5163:-:*:*:*:*:*:*:*",
              "cpe:2.3:h:lexmark:mx812:-:*:*:*:*:*:*:*",
              "cpe:2.3:h:lexmark:mx811:-:*:*:*:*:*:*:*",
              "cpe:2.3:h:lexmark:mx810:-:*:*:*:*:*:*:*",
              "cpe:2.3:h:lexmark:mx718:-:*:*:*:*:*:*:*",
              "cpe:2.3:h:lexmark:mx717:-:*:*:*:*:*:*:*",
              "cpe:2.3:h:lexmark:mx711:-:*:*:*:*:*:*:*",
              "cpe:2.3:h:lexmark:mx710:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "mx710",
            "vendor": "lexmark",
            "versions": [
              {
                "lessThanOrEqual": "lw90.tu.p205",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:lexmark:ms911:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "ms911",
            "vendor": "lexmark",
            "versions": [
              {
                "lessThanOrEqual": "lw90.sa.p205",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:lexmark:xm9165:-:*:*:*:*:*:*:*",
              "cpe:2.3:h:lexmark:xm9155:-:*:*:*:*:*:*:*",
              "cpe:2.3:h:lexmark:xm9145:-:*:*:*:*:*:*:*",
              "cpe:2.3:h:lexmark:mx912:-:*:*:*:*:*:*:*",
              "cpe:2.3:h:lexmark:mx911:-:*:*:*:*:*:*:*",
              "cpe:2.3:h:lexmark:mx910:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "mx910",
            "vendor": "lexmark",
            "versions": [
              {
                "lessThanOrEqual": "lw90.mg.p205",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:lexmark:mx6500e:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "mx6500e",
            "vendor": "lexmark",
            "versions": [
              {
                "lessThanOrEqual": "lw90.jd.p205",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:lexmark:c2132:-:*:*:*:*:*:*:*",
              "cpe:2.3:h:lexmark:cs517:-:*:*:*:*:*:*:*",
              "cpe:2.3:h:lexmark:cs510:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "cs510",
            "vendor": "lexmark",
            "versions": [
              {
                "lessThanOrEqual": "lw90.vy4.p205",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:lexmark:xc2130:-:*:*:*:*:*:*:*",
              "cpe:2.3:h:lexmark:cx417:-:*:*:*:*:*:*:*",
              "cpe:2.3:h:lexmark:cx410:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "cx410",
            "vendor": "lexmark",
            "versions": [
              {
                "lessThanOrEqual": "lw90.gm4.p205",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:lexmark:xc2132:-:*:*:*:*:*:*:*",
              "cpe:2.3:h:lexmark:cx517:-:*:*:*:*:*:*:*",
              "cpe:2.3:h:lexmark:cx510:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "cx510",
            "vendor": "lexmark",
            "versions": [
              {
                "lessThanOrEqual": "lw90.gm7.p205",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:lexmark:m1140:-:*:*:*:*:*:*:*",
              "cpe:2.3:h:lexmark:ms410:-:*:*:*:*:*:*:*",
              "cpe:2.3:h:lexmark:ms317:-:*:*:*:*:*:*:*",
              "cpe:2.3:h:lexmark:ms312:-:*:*:*:*:*:*:*",
              "cpe:2.3:h:lexmark:ms310:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "ms310",
            "vendor": "lexmark",
            "versions": [
              {
                "lessThanOrEqual": "lw80.prl.p249",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:lexmark:xm1135:-:*:*:*:*:*:*:*",
              "cpe:2.3:h:lexmark:mx317:-:*:*:*:*:*:*:*",
              "cpe:2.3:h:lexmark:mx310:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "mx310",
            "vendor": "lexmark",
            "versions": [
              {
                "lessThanOrEqual": "lw80.sb2.p249",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:lexmark:cx317:-:*:*:*:*:*:*:*",
              "cpe:2.3:h:lexmark:cx310:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "cx310",
            "vendor": "lexmark",
            "versions": [
              {
                "lessThanOrEqual": "lw80.gm2.p249",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:lexmark:c746:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "c746",
            "vendor": "lexmark",
            "versions": [
              {
                "lessThanOrEqual": "lhs60.cm2.p763",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:lexmark:cs748:-:*:*:*:*:*:*:*",
              "cpe:2.3:h:lexmark:c748:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "c748",
            "vendor": "lexmark",
            "versions": [
              {
                "lessThanOrEqual": "lhs60.cm4.p763",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:lexmark:cs796:-:*:*:*:*:*:*:*",
              "cpe:2.3:h:lexmark:c792:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "c792",
            "vendor": "lexmark",
            "versions": [
              {
                "lessThanOrEqual": "lhs60.hc.p763",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:lexmark:c925:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "c925",
            "vendor": "lexmark",
            "versions": [
              {
                "lessThanOrEqual": "lhs60.hv.p763",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:lexmark:c950:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "c950",
            "vendor": "lexmark",
            "versions": [
              {
                "lessThanOrEqual": "lhs60.tp.p763",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:lexmark:xs548:-:*:*:*:*:*:*:*",
              "cpe:2.3:h:lexmark:x548:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "x548",
            "vendor": "lexmark",
            "versions": [
              {
                "lessThanOrEqual": "lhs60.vk.p763",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:lexmark:xs748:-:*:*:*:*:*:*:*",
              "cpe:2.3:h:lexmark:x748:-:*:*:*:*:*:*:*",
              "cpe:2.3:h:lexmark:x746:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "x746",
            "vendor": "lexmark",
            "versions": [
              {
                "lessThanOrEqual": "lhs60.ny.p763",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:lexmark:xs798:-:*:*:*:*:*:*:*",
              "cpe:2.3:h:lexmark:xs796:-:*:*:*:*:*:*:*",
              "cpe:2.3:h:lexmark:xs795:-:*:*:*:*:*:*:*",
              "cpe:2.3:h:lexmark:x792:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "x792",
            "vendor": "lexmark",
            "versions": [
              {
                "lessThanOrEqual": "lhs60.mr.p763",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:lexmark:xs925:-:*:*:*:*:*:*:*",
              "cpe:2.3:h:lexmark:x925:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "x925",
            "vendor": "lexmark",
            "versions": [
              {
                "lessThanOrEqual": "lhs60.hk.p763",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:lexmark:xs955:-:*:*:*:*:*:*:*",
              "cpe:2.3:h:lexmark:xs950:-:*:*:*:*:*:*:*",
              "cpe:2.3:h:lexmark:x954:-:*:*:*:*:*:*:*",
              "cpe:2.3:h:lexmark:x952:-:*:*:*:*:*:*:*",
              "cpe:2.3:h:lexmark:x950:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "x950",
            "vendor": "lexmark",
            "versions": [
              {
                "lessThanOrEqual": "lhs60.tq.p763",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:lexmark:6500e:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "6500e",
            "vendor": "lexmark",
            "versions": [
              {
                "lessThanOrEqual": "lhs60.jr.p763",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-50736",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-03-05T16:46:14.875524Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-23T14:56:10.517Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "various",
          "vendor": "Lexmark",
          "versions": [
            {
              "status": "affected",
              "version": "various"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "Chris Anastasio working with Trend Micro\u2019s Zero Day Initiative (ZDI)"
        }
      ],
      "datePublic": "2024-01-19T05:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A memory corruption vulnerability has been identified in PostScript interpreter in various Lexmark devices. The vulnerability can be leveraged by an attacker to execute arbitrary code.\u003cbr\u003e"
            }
          ],
          "value": "A memory corruption vulnerability has been identified in PostScript interpreter in various Lexmark devices. The vulnerability can be leveraged by an attacker to execute arbitrary code.\n"
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-456",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-456 Infected Memory"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-131",
              "description": "CWE-131",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-02-28T02:37:45.438Z",
        "orgId": "7bc73191-a2b6-4c63-9918-753964601853",
        "shortName": "Lexmark"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.lexmark.com/en_us/solutions/security/lexmark-security-advisories.html"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Lexmark recommends a firmware update if your device has affected firmware.\u003cbr\u003e"
            }
          ],
          "value": "Lexmark recommends a firmware update if your device has affected firmware.\n"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "A vulnerability has been identified in the PostScript interpreter in various Lexmark devices.",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7bc73191-a2b6-4c63-9918-753964601853",
    "assignerShortName": "Lexmark",
    "cveId": "CVE-2023-50736",
    "datePublished": "2024-02-28T02:37:45.438Z",
    "dateReserved": "2023-12-11T20:00:38.337Z",
    "dateUpdated": "2024-08-23T14:56:10.517Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-36824 (GCVE-0-2023-36824)

Vulnerability from cvelistv5 – Published: 2023-07-11 16:16 – Updated: 2025-02-13 16:56
VLAI
Title
Heap overflow in COMMAND GETKEYS and ACL evaluation in Redis
Summary
Redis is an in-memory database that persists on disk. In Redit 7.0 prior to 7.0.12, extracting key names from a command and a list of arguments may, in some cases, trigger a heap overflow and result in reading random heap memory, heap corruption and potentially remote code execution. Several scenarios that may lead to authenticated users executing a specially crafted `COMMAND GETKEYS` or `COMMAND GETKEYSANDFLAGS`and authenticated users who were set with ACL rules that match key names, executing a specially crafted command that refers to a variadic list of key names. The vulnerability is patched in Redis 7.0.12.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-122 - Heap-based Buffer Overflow
  • CWE-131 - Incorrect Calculation of Buffer Size
Assigner
Impacted products
Vendor Product Version
redis redis Affected: >= 7.0.0, < 7.0.12
Create a notification for this product.
redis redis Affected: 7.0.0 , < 7.0.12 (custom)
    cpe:2.3:a:redis:redis:*:*:*:*:*:*:*:*
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T17:01:09.772Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "https://github.com/redis/redis/security/advisories/GHSA-4cfx-h9gq-xpx3",
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/redis/redis/security/advisories/GHSA-4cfx-h9gq-xpx3"
          },
          {
            "name": "https://github.com/redis/redis/releases/tag/7.0.12",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/redis/redis/releases/tag/7.0.12"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TDNNH2ONMVNBQ6LUIAOAGDNFPKXNST5K/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MIF5MAGYARYUMRFK7PQI7HYXMK2HZE5T/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20230814-0009/"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:redis:redis:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "redis",
            "vendor": "redis",
            "versions": [
              {
                "lessThan": "7.0.12",
                "status": "affected",
                "version": "7.0.0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-36824",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-18T18:06:25.399106Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-18T18:33:29.724Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "redis",
          "vendor": "redis",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= 7.0.0, \u003c 7.0.12"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Redis is an in-memory database that persists on disk. In Redit 7.0 prior to 7.0.12, extracting key names from a command and a list of arguments may, in some cases, trigger a heap overflow and result in reading random heap memory, heap corruption and potentially remote code execution. Several scenarios that may lead to authenticated users executing a specially crafted `COMMAND GETKEYS` or `COMMAND GETKEYSANDFLAGS`and authenticated users who were set with ACL rules that match key names, executing a specially crafted command that refers to a variadic list of key names. The vulnerability is patched in Redis 7.0.12."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-122",
              "description": "CWE-122: Heap-based Buffer Overflow",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-131",
              "description": "CWE-131: Incorrect Calculation of Buffer Size",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-08-14T18:06:26.690Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/redis/redis/security/advisories/GHSA-4cfx-h9gq-xpx3",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/redis/redis/security/advisories/GHSA-4cfx-h9gq-xpx3"
        },
        {
          "name": "https://github.com/redis/redis/releases/tag/7.0.12",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/redis/redis/releases/tag/7.0.12"
        },
        {
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TDNNH2ONMVNBQ6LUIAOAGDNFPKXNST5K/"
        },
        {
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MIF5MAGYARYUMRFK7PQI7HYXMK2HZE5T/"
        },
        {
          "url": "https://security.netapp.com/advisory/ntap-20230814-0009/"
        }
      ],
      "source": {
        "advisory": "GHSA-4cfx-h9gq-xpx3",
        "discovery": "UNKNOWN"
      },
      "title": "Heap overflow in COMMAND GETKEYS and ACL evaluation in Redis"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2023-36824",
    "datePublished": "2023-07-11T16:16:16.432Z",
    "dateReserved": "2023-06-27T15:43:18.386Z",
    "dateUpdated": "2025-02-13T16:56:27.711Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Mitigation
Implementation

When allocating a buffer for the purpose of transforming, converting, or encoding an input, allocate enough memory to handle the largest possible encoding. For example, in a routine that converts "&" characters to "&amp;" for HTML entity encoding, the output buffer needs to be at least 5 times as large as the input buffer.

Mitigation MIT-36
Implementation
  • Understand the programming language's underlying representation and how it interacts with numeric calculation (CWE-681). Pay close attention to byte size discrepancies, precision, signed/unsigned distinctions, truncation, conversion and casting between types, "not-a-number" calculations, and how the language handles numbers that are too large or too small for its underlying representation. [REF-7]
  • Also be careful to account for 32-bit, 64-bit, and other potential differences that may affect the numeric representation.
Mitigation MIT-8
Implementation

Strategy: Input Validation

Perform input validation on any numeric input by ensuring that it is within the expected range. Enforce that the input meets both the minimum and maximum requirements for the expected range.

Mitigation MIT-15
Architecture and Design

For any security checks that are performed on the client side, ensure that these checks are duplicated on the server side, in order to avoid CWE-602. Attackers can bypass the client-side checks by modifying values after the checks have been performed, or by changing the client to remove the client-side checks entirely. Then, these modified values would be submitted to the server.

Mitigation
Implementation

When processing structured incoming data containing a size field followed by raw data, identify and resolve any inconsistencies between the size field and the actual size of the data (CWE-130).

Mitigation
Implementation

When allocating memory that uses sentinels to mark the end of a data structure - such as NUL bytes in strings - make sure you also include the sentinel in your calculation of the total amount of memory that must be allocated.

Mitigation MIT-13
Implementation

Replace unbounded copy functions with analogous functions that support length arguments, such as strcpy with strncpy. Create these if they are not available.

Mitigation
Implementation

Use sizeof() on the appropriate data type to avoid CWE-467.

Mitigation
Implementation

Use the appropriate type for the desired action. For example, in C/C++, only use unsigned types for values that could never be negative, such as height, width, or other numbers related to quantity. This will simplify validation and will reduce surprises related to unexpected casting.

Mitigation MIT-4
Architecture and Design

Strategy: Libraries or Frameworks

  • Use a vetted library or framework that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid [REF-1482].
  • Use libraries or frameworks that make it easier to handle numbers without unexpected consequences, or buffer allocation routines that automatically track buffer size.
  • Examples include safe integer handling packages such as SafeInt (C++) or IntegerLib (C or C++). [REF-106]
Mitigation MIT-10
Operation Build and Compilation

Strategy: Environment Hardening

  • Use automatic buffer overflow detection mechanisms that are offered by certain compilers or compiler extensions. Examples include: the Microsoft Visual Studio /GS flag, Fedora/Red Hat FORTIFY_SOURCE GCC flag, StackGuard, and ProPolice, which provide various mechanisms including canary-based detection and range/index checking.
  • D3-SFCV (Stack Frame Canary Validation) from D3FEND [REF-1334] discusses canary-based detection in detail.
Mitigation MIT-11
Operation Build and Compilation

Strategy: Environment Hardening

  • Run or compile the software using features or extensions that randomly arrange the positions of a program's executable and libraries in memory. Because this makes the addresses unpredictable, it can prevent an attacker from reliably jumping to exploitable code.
  • Examples include Address Space Layout Randomization (ASLR) [REF-58] [REF-60] and Position-Independent Executables (PIE) [REF-64]. Imported modules may be similarly realigned if their default memory addresses conflict with other modules, in a process known as "rebasing" (for Windows) and "prelinking" (for Linux) [REF-1332] using randomly generated addresses. ASLR for libraries cannot be used in conjunction with prelink since it would require relocating the libraries at run-time, defeating the whole purpose of prelinking.
  • For more information on these techniques see D3-SAOR (Segment Address Offset Randomization) from D3FEND [REF-1335].
Mitigation MIT-12
Operation

Strategy: Environment Hardening

  • Use a CPU and operating system that offers Data Execution Protection (using hardware NX or XD bits) or the equivalent techniques that simulate this feature in software, such as PaX [REF-60] [REF-61]. These techniques ensure that any instruction executed is exclusively at a memory address that is part of the code segment.
  • For more information on these techniques see D3-PSEP (Process Segment Execution Prevention) from D3FEND [REF-1336].
Mitigation MIT-26
Implementation

Strategy: Compilation or Build Hardening

Examine compiler warnings closely and eliminate problems with potential security implications, such as signed / unsigned mismatch in memory operations, or use of uninitialized variables. Even if the weakness is rarely exploitable, a single failure may lead to the compromise of the entire system.

Mitigation MIT-17
Architecture and Design Operation

Strategy: Environment Hardening

Run your code using the lowest privileges that are required to accomplish the necessary tasks [REF-76]. If possible, create isolated accounts with limited privileges that are only used for a single task. That way, a successful attack will not immediately give the attacker access to the rest of the software or its environment. For example, database applications rarely need to run as the database administrator, especially in day-to-day operations.

Mitigation MIT-22
Architecture and Design Operation

Strategy: Sandbox or Jail

  • Run the code in a "jail" or similar sandbox environment that enforces strict boundaries between the process and the operating system. This may effectively restrict which files can be accessed in a particular directory or which commands can be executed by the software.
  • OS-level examples include the Unix chroot jail, AppArmor, and SELinux. In general, managed code may provide some protection. For example, java.io.FilePermission in the Java SecurityManager allows the software to specify restrictions on file operations.
  • This may not be a feasible solution, and it only limits the impact to the operating system; the rest of the application may still be subject to compromise.
  • Be careful to avoid CWE-243 and other weaknesses related to jails.
CAPEC-100: Overflow Buffers

Buffer Overflow attacks target improper or missing bounds checking on buffer operations, typically triggered by input injected by an adversary. As a consequence, an adversary is able to write past the boundaries of allocated buffer regions in memory, causing a program crash or potentially redirection of execution as per the adversaries' choice.

CAPEC-47: Buffer Overflow via Parameter Expansion

In this attack, the target software is given input that the adversary knows will be modified and expanded in size during processing. This attack relies on the target software failing to anticipate that the expanded data may exceed some internal limit, thereby creating a buffer overflow.