CVE-2024-1916

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Mar 15, 2024

CWE ID 190

Summary

CVE-2024-1916 is an integer overflow vulnerability affecting Mitsubishi Electric Corporation's MELSEC-Q Series and MELSEC-L Series CPU modules. This issue permits a remote, unauthenticated attacker to exploit the vulnerability by sending a maliciously crafted packet. The integer overflow or wraparound condition can result in incorrect data processing, potentially leading to the execution of arbitrary code on the target product. This vulnerability poses a significant risk to industrial control systems utilizing these CPU modules, necessitating prompt patching or mitigation measures.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/uq1Yqu
https://www.cve.org/CVERecord?id=CVE-2024-1916
https://nvd.nist.gov/vuln/detail/CVE-2024-1916

Back to Vulnerability Database

CVE-2024-1916

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations