CVE-2024-37040

🗓️ 12 Jun 2024 16:56:06Reported by schneiderType

Buffer overflow vulnerability in device web interfac

Reporter	Title	Published	Views	Family All 9
Circl	CVE-2024-37040	17 Apr 202510:00	–	circl
CNNVD	Schneider Electric SAGE RTUs Security Vulnerability	12 Jun 202400:00	–	cnnvd
Cvelist	CVE-2024-37040	12 Jun 202416:56	–	cvelist
EUVD	EUVD-2024-36407	3 Oct 202520:07	–	euvd
NCSC	Vulnerabilities fixed in Schneider Electric Sage RTU systems	11 Jun 202411:33	–	ncsc
NVD	CVE-2024-37040	12 Jun 202417:15	–	nvd
OSV	CVE-2024-37040	12 Jun 202417:15	–	osv
Positive Technologies	PT-2024-4204 · Schneider Electric · Schneider Electric Sage	11 Jun 202400:00	–	ptsecurity
Vulnrichment	CVE-2024-37040	12 Jun 202416:56	–	vulnrichment

NVD

Node

schneider-electric sage_rtu_firmwareRange<c3414-500-s02k5_p9

AND

schneider-electric sage_1410Match-

schneider-electric sage_1430Match-

schneider-electric sage_1450Match-

schneider-electric sage_2400Match-

schneider-electric sage_3030_magnumMatch-

schneider-electric sage_4400Match-

[
  {
    "defaultStatus": "unaffected",
    "product": "Sage 1410",
    "vendor": "Schneider Electric",
    "versions": [
      {
        "status": "affected",
        "version": "Versions C3414-500-S02K5_P8 and prior"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Sage 1430",
    "vendor": "Schneider Electric",
    "versions": [
      {
        "status": "affected",
        "version": "Versions C3414-500-S02K5_P8 and prior"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Sage 1450",
    "vendor": "Schneider Electric",
    "versions": [
      {
        "status": "affected",
        "version": "Versions C3414-500-S02K5_P8 and prior"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Sage 2400",
    "vendor": "Schneider Electric",
    "versions": [
      {
        "status": "affected",
        "version": "Versions C3414-500-S02K5_P8 and prior"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Sage 3030 Magnum",
    "vendor": "Schneider Electric",
    "versions": [
      {
        "status": "affected",
        "version": "Versions C3414-500-S02K5_P8 and prior"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Sage 4400",
    "vendor": "Schneider Electric",
    "versions": [
      {
        "status": "affected",
        "version": "Versions C3414-500-S02K5_P8 and prior"
      }
    ]
  }
]

Source	Link
download	www.download.schneider-electric.com/files

21 Nov 2024 09:23Current

5.5Medium risk

Vulners AI Score5.5

CVSS 3.15.4 - 8.1

EPSS0.00235

SSVC

CWE-120