CVE Vulnerabilities

CVE-2024-23601

Insufficient Verification of Data Authenticity

Published: May 28, 2024 | Modified: Feb 12, 2025
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu

A code injection vulnerability exists in the scan_lib.bin functionality of AutomationDirect P3-550E 1.2.10.9. A specially crafted scan_lib.bin can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.

Weakness

The product does not sufficiently verify the origin or authenticity of data, in a way that causes it to accept invalid data.

Affected Software

Name Vendor Start Version End Version
P3-550e_firmware Automationdirect 1.2.10.9 (including) 1.2.10.9 (including)
P3-550e_firmware Automationdirect 4.1.1.10 (including) 4.1.1.10 (including)

References