CVE-2024-26000 PHOENIX CONTACT: Out of bounds read only memory access

🗓️ 12 Mar 2024 08:11:52Reported by CERTVDEType

PHOENIX CONTACT: Out of bounds read only memory access

Reporter	Title	Published	Views	Family All 10
Circl	CVE-2024-26000	12 Mar 202410:26	–	circl
CNNVD	PHOENIX CONTACT CHARX SEC Buffer Error Vulnerability	12 Mar 202400:00	–	cnnvd
CVE	CVE-2024-26000	12 Mar 202408:11	–	cve
EUVD	EUVD-2024-23296	3 Oct 202520:07	–	euvd
NVD	CVE-2024-26000	12 Mar 202409:15	–	nvd
Prion	Input validation	12 Mar 202409:15	–	prion
Positive Technologies	PT-2024-21273 · Phoenix Contact · Charx Sec-3100	12 Mar 202400:00	–	ptsecurity
RedhatCVE	CVE-2024-26000	23 May 202509:53	–	redhatcve
Vulnrichment	CVE-2024-26000 PHOENIX CONTACT: Out of bounds read only memory access	12 Mar 202408:11	–	vulnrichment
Zero Day Initiative	(Pwn2Own) Phoenix Contact CHARX SEC-3100 MTQQ Protocol JSON Parsing Type Confusion Information Disclosure Vulnerability	21 Jun 202400:00	–	zdi

[
  {
    "defaultStatus": "unaffected",
    "product": "CHARX SEC-3000",
    "vendor": "PHOENIX CONTACT",
    "versions": [
      {
        "lessThanOrEqual": "1.5.0",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "CHARX SEC-3050",
    "vendor": "PHOENIX CONTACT",
    "versions": [
      {
        "lessThanOrEqual": "1.5.0",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "CHARX SEC-3100",
    "vendor": "PHOENIX CONTACT",
    "versions": [
      {
        "lessThanOrEqual": "1.5.0",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "CHARX SEC-3150",
    "vendor": "PHOENIX CONTACT",
    "versions": [
      {
        "lessThanOrEqual": "1.5.0",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      }
    ]
  }
]

Source	Link
cert	www.cert.vde.com/en/advisories/VDE-2024-011

24 Jan 2025 06:37Current

6Medium risk

Vulners AI Score6

CVSS 3.15.9

EPSS0.0081

CWE-125