CVE-2024-1915

EPSS 1.04%
Veröffentlicht 15.03.2024 01:15:58
Zuletzt bearbeitet 15.04.2026 00:35:42
Quelle Mitsubishielectric.Psirt@yd.Mi
CVE-Watchlists
Login
Unerledigt
Login

Incorrect Pointer Scaling vulnerability in Mitsubishi Electric Corporation MELSEC-Q Series and MELSEC-L Series CPU modules allows a remote unauthenticated attacker to execute malicious code on a target product by sending a specially crafted packet.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 6

CNA 25 VulnDex Vulnerability Enrichment 5

Daten sind bereitgestellt durch das CVE Programm von Authorized Data Publishers (ADP) (Unstrukturiert)

Herstellermitsubishielectric

≫

Produkt melsec_q-q03udecpu

Default Statusunknown

Version 0

Version < xxxxx26061

Status affected

Herstellermitsubishielectric

≫

Produkt melsec_q-q04udehcpu

Default Statusunknown

Version 0

Version < xxxxx26061

Status affected

Herstellermitsubishielectric

≫

Produkt melsec_q-q06udehcpu

Default Statusunknown

Version 0

Version < xxxxx26061

Status affected

Herstellermitsubishielectric

≫

Produkt melsec_q-q10udehcpu

Default Statusunknown

Version 0

Version < xxxxx26061

Status affected

Herstellermitsubishielectric

≫

Produkt melsec_q-q13udehcpu

Default Statusunknown

Version 0

Version < xxxxx26061

Status affected

Herstellermitsubishielectric

≫

Produkt melsec_q-q20udehcpu

Default Statusunknown

Version 0

Version < xxxxx26061

Status affected

Herstellermitsubishielectric

≫

Produkt melsec_q-q26udehcpu

Default Statusunknown

Version 0

Version < xxxxx26061

Status affected

Herstellermitsubishielectric

≫

Produkt melsec_q-q50udehcpu

Default Statusunknown

Version 0

Version < xxxxx26061

Status affected

Herstellermitsubishielectric

≫

Produkt melsec_q-q100udehcpu

Default Statusunknown

Version 0

Version < xxxxx26061

Status affected

Herstellermitsubishi

≫

Produkt melsec_q03udvcpu

Default Statusunknown

Version 0

Version < xxxxx26061

Status affected

Herstellermitsubishi

≫

Produkt melsec_q04udvcpu

Default Statusunknown

Version 0

Version < xxxxx26061

Status affected

Herstellermitsubishi

≫

Produkt melsec_q06udvcpu

Default Statusunknown

Version 0

Version < xxxxx26061

Status affected

Herstellermitsubishi

≫

Produkt melsec_q13udvcpu

Default Statusunknown

Version 0

Version < xxxxx26061

Status affected

Herstellermitsubishi

≫

Produkt melsec_q26udvcpu

Default Statusunknown

Version 0

Version < xxxxx26061

Status affected

Herstellermitsubishi

≫

Produkt melsec_q06udpvcpu

Default Statusunknown

Version 0

Version < xxxxx26061

Status affected

Herstellermitsubishi

≫

Produkt melsec_q13udpvcpu

Default Statusunknown

Version 0

Version < xxxxx26061

Status affected

Herstellermitsubishi

≫

Produkt melsec_q26udpvcpu

Default Statusunknown

Version 0

Version < xxxxx26061

Status affected

Herstellermitsubishielectric

≫

Produkt l02cpu-p

Default Statusunknown

Version 0

Version < xxxxx26041

Status affected

Herstellermitsubishi

≫

Produkt melsec_l06cpu\(-p\)

Default Statusunknown

Version 0

Version < xxxxx26041

Status affected

Herstellermitsubishi

≫

Produkt melsec_l26cpu\(-p\)

Default Statusunknown

Version 0

Version < xxxxx26041

Status affected

Herstellermitsubishielectric

≫

Produkt melsec_l02cpu-p

Default Statusunknown

Version 0

Version < xxxxx26041

Status affected

Herstellermitsubishielectric

≫

Produkt melsec_l06cpu-p

Default Statusunknown

Version 0

Version < xxxxx26041

Status affected

Herstellermitsubishielectric

≫

Produkt melsec_l26cpu-p

Default Statusunknown

Version 0

Version < xxxxx26041

Status affected

Herstellermitsubishielectric

≫

Produkt l26cpu-bt

Default Statusunknown

Version 0

Version < xxxxx26041

Status affected

Herstellermitsubishielectric

≫

Produkt melsec_l26cpu-pbt

Default Statusunknown

Version 0

Version < xxxxx26041

Status affected

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	1.04%	0.596

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-468 Incorrect Pointer Scaling

In C and C++, one may often accidentally refer to the wrong memory due to the semantics of when math operations are implicitly scaled.

https://jvn.jp/vu/JVNVU99690199/

https://www.cisa.gov/news-events/ics-advisories/icsa-24-074-14

https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-024_en.pdf

https://nvd.nist.gov/vuln/detail/CVE-2024-1915

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-1915

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-1915

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2024-1915