CVE-2024-12650 (GCVE-0-2024-12650)
Vulnerability from cvelistv5
Published
2025-03-05 11:46
Modified
2025-03-05 14:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-252 - Unchecked Return Value
Summary
An attacker with low privileges can manipulate the requested memory size, causing the application to use an invalid memory area. This could lead to a crash of the application but it does not affected other applications.
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-12650",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-05T14:11:34.419639Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-05T14:12:02.004Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CC100 0751-9x01",
"vendor": "WAGO",
"versions": [
{
"lessThan": "04.07.01",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CC100 0751-9x01",
"vendor": "WAGO",
"versions": [
{
"lessThan": "04.07.01",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Edge Controller 0752-8303/8000-0002",
"vendor": "WAGO",
"versions": [
{
"lessThan": "04.07.01",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Edge Controller 0752-8303/8000-0002",
"vendor": "WAGO",
"versions": [
{
"lessThan": "04.07.01",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PFC100 G1 0750-810x/xxxx-xxxx",
"vendor": "WAGO",
"versions": [
{
"lessThan": "3.10.11",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PFC100 G1 0750-810x/xxxx-xxxx",
"vendor": "WAGO",
"versions": [
{
"lessThan": "04.07.01",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PFC100 G2 0750-811x-xxxx-xxxx",
"vendor": "WAGO",
"versions": [
{
"lessThan": "04.07.01",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PFC100 G2 0750-811x-xxxx-xxxx",
"vendor": "WAGO",
"versions": [
{
"lessThan": "04.07.01",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PFC200 G1 750-820x-xxx-xxx",
"vendor": "WAGO",
"versions": [
{
"lessThan": "3.10.11",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PFC200 G1 750-820x-xxx-xxx",
"vendor": "WAGO",
"versions": [
{
"lessThan": "04.07.01",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PFC200 G2 750-821x-xxx-xxx",
"vendor": "WAGO",
"versions": [
{
"lessThan": "04.07.01",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PFC200 G2 750-821x-xxx-xxx",
"vendor": "WAGO",
"versions": [
{
"lessThan": "04.07.01",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TP600 0762-420x/8000-000x",
"vendor": "WAGO",
"versions": [
{
"lessThan": "04.07.01",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TP600 0762-420x/8000-000x",
"vendor": "WAGO",
"versions": [
{
"lessThan": "04.07.01",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TP600 0762-430x/8000-000x",
"vendor": "WAGO",
"versions": [
{
"lessThan": "04.07.01",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TP600 0762-430x/8000-000x",
"vendor": "WAGO",
"versions": [
{
"lessThan": "04.07.01",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TP600 0762-520x/8000-000x",
"vendor": "WAGO",
"versions": [
{
"lessThan": "04.07.01",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TP600 0762-520x/8000-000x",
"vendor": "WAGO",
"versions": [
{
"lessThan": "04.07.01",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TP600 0762-530x/8000-000x",
"vendor": "WAGO",
"versions": [
{
"lessThan": "04.07.01",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TP600 0762-530x/8000-000x",
"vendor": "WAGO",
"versions": [
{
"lessThan": "04.07.01",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TP600 0762-620x/8000-000x",
"vendor": "WAGO",
"versions": [
{
"lessThan": "04.07.01",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TP600 0762-620x/8000-000x",
"vendor": "WAGO",
"versions": [
{
"lessThan": "04.07.01",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TP600 0762-630x/8000-000x",
"vendor": "WAGO",
"versions": [
{
"lessThan": "04.07.01",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TP600 0762-630x/8000-000x",
"vendor": "WAGO",
"versions": [
{
"lessThan": "04.07.01",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Gabriele Quagliarella from Nozomi Networks"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eAn attacker with low privileges can manipulate the requested memory size, causing the application to use an invalid memory area. This could lead to a crash of the application but it does not affected other applications.\u003c/p\u003e"
}
],
"value": "An attacker with low privileges can manipulate the requested memory size, causing the application to use an invalid memory area. This could lead to a crash of the application but it does not affected other applications."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-252",
"description": "CWE-252 Unchecked Return Value",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-05T11:46:15.486Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://cert.vde.com/en/advisories/VDE-2025-004"
}
],
"source": {
"advisory": "VDE-2025-004",
"defect": [
"CERT@VDE#641731"
],
"discovery": "UNKNOWN"
},
"title": "Wago: Vulnerability in libwagosnmp",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2024-12650",
"datePublished": "2025-03-05T11:46:15.486Z",
"dateReserved": "2024-12-16T07:37:06.620Z",
"dateUpdated": "2025-03-05T14:12:02.004Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2024-12650\",\"sourceIdentifier\":\"info@cert.vde.com\",\"published\":\"2025-03-05T12:15:34.803\",\"lastModified\":\"2025-03-05T12:15:34.803\",\"vulnStatus\":\"Received\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An attacker with low privileges can manipulate the requested memory size, causing the application to use an invalid memory area. This could lead to a crash of the application but it does not affected other applications.\"},{\"lang\":\"es\",\"value\":\"Un atacante con pocos privilegios puede manipular el tama\u00f1o de memoria solicitado, lo que hace que la aplicaci\u00f3n utilice un \u00e1rea de memoria no v\u00e1lida. Esto podr\u00eda provocar un bloqueo de la aplicaci\u00f3n, pero no afecta a otras aplicaciones.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"info@cert.vde.com\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L\",\"baseScore\":5.4,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":2.8,\"impactScore\":2.5}]},\"weaknesses\":[{\"source\":\"info@cert.vde.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-252\"}]}],\"references\":[{\"url\":\"https://cert.vde.com/en/advisories/VDE-2025-004\",\"source\":\"info@cert.vde.com\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-12650\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-03-05T14:11:34.419639Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-03-05T14:11:49.052Z\"}}], \"cna\": {\"title\": \"Wago: Vulnerability in libwagosnmp\", \"source\": {\"defect\": [\"CERT@VDE#641731\"], \"advisory\": \"VDE-2025-004\", \"discovery\": \"UNKNOWN\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"user\": \"00000000-0000-4000-9000-000000000000\", \"value\": \"Gabriele Quagliarella from Nozomi Networks\"}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 5.4, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"LOW\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"NONE\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"WAGO\", \"product\": \"CC100 0751-9x01\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"04.07.01\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"WAGO\", \"product\": \"CC100 0751-9x01\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"04.07.01\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"WAGO\", \"product\": \"Edge Controller 0752-8303/8000-0002\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"04.07.01\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"WAGO\", \"product\": \"Edge Controller 0752-8303/8000-0002\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"04.07.01\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"WAGO\", \"product\": \"PFC100 G1 0750-810x/xxxx-xxxx\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"3.10.11\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"WAGO\", \"product\": \"PFC100 G1 0750-810x/xxxx-xxxx\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"04.07.01\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"WAGO\", \"product\": \"PFC100 G2 0750-811x-xxxx-xxxx\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"04.07.01\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"WAGO\", \"product\": \"PFC100 G2 0750-811x-xxxx-xxxx\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"04.07.01\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"WAGO\", \"product\": \"PFC200 G1 750-820x-xxx-xxx\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"3.10.11\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"WAGO\", \"product\": \"PFC200 G1 750-820x-xxx-xxx\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"04.07.01\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"WAGO\", \"product\": \"PFC200 G2 750-821x-xxx-xxx\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"04.07.01\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"WAGO\", \"product\": \"PFC200 G2 750-821x-xxx-xxx\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"04.07.01\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"WAGO\", \"product\": \"TP600 0762-420x/8000-000x\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"04.07.01\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"WAGO\", \"product\": \"TP600 0762-420x/8000-000x\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"04.07.01\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"WAGO\", \"product\": \"TP600 0762-430x/8000-000x\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"04.07.01\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"WAGO\", \"product\": \"TP600 0762-430x/8000-000x\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"04.07.01\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"WAGO\", \"product\": \"TP600 0762-520x/8000-000x\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"04.07.01\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"WAGO\", \"product\": \"TP600 0762-520x/8000-000x\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"04.07.01\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"WAGO\", \"product\": \"TP600 0762-530x/8000-000x\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"04.07.01\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"WAGO\", \"product\": \"TP600 0762-530x/8000-000x\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"04.07.01\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"WAGO\", \"product\": \"TP600 0762-620x/8000-000x\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"04.07.01\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"WAGO\", \"product\": \"TP600 0762-620x/8000-000x\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"04.07.01\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"WAGO\", \"product\": \"TP600 0762-630x/8000-000x\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"04.07.01\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"WAGO\", \"product\": \"TP600 0762-630x/8000-000x\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"04.07.01\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://cert.vde.com/en/advisories/VDE-2025-004\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.1.0-dev\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"An attacker with low privileges can manipulate the requested memory size, causing the application to use an invalid memory area. This could lead to a crash of the application but it does not affected other applications.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cp\u003eAn attacker with low privileges can manipulate the requested memory size, causing the application to use an invalid memory area. This could lead to a crash of the application but it does not affected other applications.\u003c/p\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-252\", \"description\": \"CWE-252 Unchecked Return Value\"}]}], \"providerMetadata\": {\"orgId\": \"270ccfa6-a436-4e77-922e-914ec3a9685c\", \"shortName\": \"CERTVDE\", \"dateUpdated\": \"2025-03-05T11:46:15.486Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2024-12650\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-03-05T14:12:02.004Z\", \"dateReserved\": \"2024-12-16T07:37:06.620Z\", \"assignerOrgId\": \"270ccfa6-a436-4e77-922e-914ec3a9685c\", \"datePublished\": \"2025-03-05T11:46:15.486Z\", \"assignerShortName\": \"CERTVDE\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…