CVE-2024-22104

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-22104
Out-of-Bounds Write vulnerability in Jungo WinDriver before 12.5.1 allows local attackers to cause a Windows blue screen error and Denial of Service (DoS).

5.5 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://jungo.com/windriver/versions/ Release Notes
https://www.cisa.gov/news-events/ics-advisories/icsa-24-135-04 Third Party Advisory US Government Resource
https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2024-001_en.pdf Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:jungo:windriver:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:mitsubishielectric:cpu_module_logging_configuration_tool:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:cw_configurator:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:data_transfer:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:data_transfer_classic:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:ezsocket:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:fr_configurator_sw3:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:fr_configurator2:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:genesis64:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:gt_got1000:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:gt_got2000:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:gt_softgot1000:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:gt_softgot2000:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:gx_developer:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:gx_logviewer:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:gx_works2:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:gx_works3:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:iq_works:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:mi_configurator:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:mr_configurator:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:mr_configurator2:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:mx_component:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:mx_opc_server_da\/ua:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:numerical_control_device_communication:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:px_developer\/monitor_tool:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:rt_toolbox3:*:*:*:*:*:*:*:*
cpe:2.3:a:mitsubishielectric:rt_visualbox:*:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:mitsubishielectric:mrzjw3-mc2-utl_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:mrzjw3-mc2-utl:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:mitsubishielectric:sw0dnc-mneth-b_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:sw0dnc-mneth-b:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:mitsubishielectric:sw1dnc-ccbd2-b_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:sw1dnc-ccbd2-b:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:mitsubishielectric:sw1dnc-ccief-j_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:sw1dnc-ccief-j:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:mitsubishielectric:sw1dnc-ccief-b_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:sw1dnc-ccief-b:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:mitsubishielectric:sw1dnc-mnetg-b_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:sw1dnc-mnetg-b:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:mitsubishielectric:sw1dnc-qsccf-b_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:sw1dnc-qsccf-b:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:mitsubishielectric:sw1dnd-emsdk-b_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:sw1dnd-emsdk-b:-:*:*:*:*:*:*:*
History

No history.

Information

Published : 2024-07-02 15:15

Updated : 2024-07-08 14:17

NVD link : CVE-2024-22104

Mitre link : CVE-2024-22104

CVE.ORG link : CVE-2024-22104

JSON object : View

Products Affected

mitsubishielectric

  • sw1dnc-mnetg-b_firmware
  • data_transfer
  • fr_configurator2
  • px_developer\/monitor_tool
  • fr_configurator_sw3
  • gt_got2000
  • rt_toolbox3
  • mrzjw3-mc2-utl_firmware
  • numerical_control_device_communication
  • mx_opc_server_da\/ua
  • genesis64
  • gx_logviewer
  • sw1dnc-ccief-j_firmware
  • sw1dnc-ccbd2-b
  • sw1dnc-qsccf-b
  • sw1dnc-qsccf-b_firmware
  • mx_component
  • sw1dnc-ccbd2-b_firmware
  • mr_configurator
  • mr_configurator2
  • mi_configurator
  • sw1dnc-ccief-j
  • sw0dnc-mneth-b
  • iq_works
  • sw1dnc-ccief-b
  • gx_developer
  • data_transfer_classic
  • gt_got1000
  • sw1dnc-mnetg-b
  • gt_softgot1000
  • cw_configurator
  • cpu_module_logging_configuration_tool
  • gx_works2
  • ezsocket
  • mrzjw3-mc2-utl
  • sw0dnc-mneth-b_firmware
  • gx_works3
  • sw1dnd-emsdk-b_firmware
  • sw1dnc-ccief-b_firmware
  • gt_softgot2000
  • sw1dnd-emsdk-b
  • rt_visualbox

jungo

  • windriver
CWE
CWE-787

Out-of-bounds Write

CWE-400

Uncontrolled Resource Consumption