CVE-2024-37040: Buffer Overflow
First published: Wed Jun 12 2024(Updated: )
CWE-120: Buffer Copy without Checking Size of Input (‘Classic Buffer Overflow’) vulnerability exists that could allow a user with access to the device’s web interface to cause a fault on the device when sending a malformed HTTP request.
Credit: cybersecurity@se.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| Schneider-electric Sage Rtu Firmware | <c3414-500-s02k5_p9 | |
| Any of | ||
| Schneider-electric Sage 1410 | ||
| Schneider-electric Sage 1430 | ||
| Schneider-electric Sage 1450 | ||
| Schneider-electric Sage 2400 | ||
| Schneider-electric Sage 3030 Magnum | ||
| Schneider-electric Sage 4400 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
- agent/weakness
- agent/references
- agent/description
- agent/type
- agent/first-publish-date
- agent/author
- agent/event
- collector/mitre-cve
- source/MITRE
- agent/remedy
- agent/severity
- agent/last-modified-date
- agent/softwarecombine
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/schneider-electric
- canonical/schneider-electric sage rtu firmware
- canonical/schneider-electric sage 1410
- canonical/schneider-electric sage 1430
- canonical/schneider-electric sage 1450
- canonical/schneider-electric sage 2400
- canonical/schneider-electric sage 3030 magnum
- canonical/schneider-electric sage 4400