{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-17T09:36:51.317","vulnerabilities":[{"cve":{"id":"CVE-2024-24959","sourceIdentifier":"talos-cna@cisco.com","published":"2024-05-28T16:15:14.997","lastModified":"2025-02-12T18:31:34.233","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Several out-of-bounds write vulnerabilities exist in the Programming Software Connection FileSystem API functionality of AutomationDirect P3-550E 1.2.10.9. Specially crafted network packets can lead to heap-based memory corruption. An attacker can send malicious packets to trigger these vulnerabilities.This CVE tracks the arbitrary null-byte write vulnerability located in firmware 1.2.10.9 of the P3-550E at offset `0xb6c18`."},{"lang":"es","value":"Existen varias vulnerabilidades de escritura fuera de los límites en la funcionalidad API del sistema de archivos de conexión del software de programación de AutomationDirect P3-550E 1.2.10.9. Los paquetes de red especialmente manipulados pueden provocar daños en la memoria del montón. Un atacante puede enviar paquetes maliciosos para activar estas vulnerabilidades. Este CVE rastrea la vulnerabilidad de escritura arbitraria de bytes nulos ubicada en el firmware 1.2.10.9 del P3-550E en el desplazamiento `0xb6c18`."}],"metrics":{"cvssMetricV31":[{"source":"talos-cna@cisco.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H","baseScore":8.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":4.2}]},"weaknesses":[{"source":"talos-cna@cisco.com","type":"Secondary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:automationdirect:p3-550e_firmware:1.2.10.9:*:*:*:*:*:*:*","matchCriteriaId":"4A393F14-3BD3-44DE-B06F-9235AB62C68F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:automationdirect:p3-550e:-:*:*:*:*:*:*:*","matchCriteriaId":"5086EF1F-C3CE-4B5F-A352-67CE332A6C4F"}]}]}],"references":[{"url":"https://talosintelligence.com/vulnerability_reports/TALOS-2024-1938","source":"talos-cna@cisco.com","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1938","source":"talos-cna@cisco.com","tags":["Exploit","Third Party Advisory"]},{"url":"https://talosintelligence.com/vulnerability_reports/TALOS-2024-1938","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1938","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}}]}