Lucene search
HistorySep 04, 2024 - 8:15 p.m.
CVE-2024-42642
micron crucial mx500 series
buffer overflow
ata packets
CVSS3
6.7
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS
0
Percentile
9.6%
Micron Crucial MX500 Series Solid State Drives M3CR046 is vulnerable to Buffer Overflow, which can be triggered by sending specially crafted ATA packets from the host to the drive controller.
Affected configurations
Node
crucialmx500_firmwareMatchm3cr046
crucialct1000mx500ssd1Match-
ORcrucialct2000mx500ssd1Match-
ORcrucialct250mx500ssd1Match-
ORcrucialct4000mx500ssd1Match-
ORcrucialct500mx500ssd1Match-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| crucial | mx500_firmware | m3cr046 | cpe:2.3:o:crucial:mx500_firmware:m3cr046:*:*:*:*:*:*:* |
| crucial | ct1000mx500ssd1 | - | cpe:2.3:h:crucial:ct1000mx500ssd1:-:*:*:*:*:*:*:* |
| crucial | ct2000mx500ssd1 | - | cpe:2.3:h:crucial:ct2000mx500ssd1:-:*:*:*:*:*:*:* |
| crucial | ct250mx500ssd1 | - | cpe:2.3:h:crucial:ct250mx500ssd1:-:*:*:*:*:*:*:* |
| crucial | ct4000mx500ssd1 | - | cpe:2.3:h:crucial:ct4000mx500ssd1:-:*:*:*:*:*:*:* |
| crucial | ct500mx500ssd1 | - | cpe:2.3:h:crucial:ct500mx500ssd1:-:*:*:*:*:*:*:* |
Related
githubexploit
githubexploit
Exploit for Stack-based Buffer Overflow in Crucial Mx500 Firmware
2024-08-30 17:24:58
vulnrichment
vulnrichment
CVE-2024-42642
2024-09-04 00:00:00
cvelist
cvelist
CVE-2024-42642
2024-09-04 00:00:00
cve
cve
CVE-2024-42642
2024-09-04 20:15:07
CVSS3
6.7
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS
0
Percentile
9.6%
Related for NVD:CVE-2024-42642