CVE-2024-22104
Vulnerability from cvelistv5
Published
2024-07-02 00:00
Modified
2024-08-01 22:35
Summary
Out-of-Bounds Write vulnerability in Jungo WinDriver before 12.5.1 allows local attackers to cause a Windows blue screen error and Denial of Service (DoS).
Impacted products
Vendor Product Version
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:jungo:windriver:12.5.1:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "windriver",
            "vendor": "jungo",
            "versions": [
              {
                "lessThan": "12.5.1",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 5.5,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-22104",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-03T14:47:59.796129Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-400",
                "description": "CWE-400 Uncontrolled Resource Consumption",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-03T14:51:19.389Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T22:35:34.727Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://jungo.com/windriver/versions/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2024-001_en.pdf"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-135-04"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Out-of-Bounds Write vulnerability in Jungo WinDriver before 12.5.1 allows local attackers to cause a Windows blue screen error and Denial of Service (DoS)."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-07-02T15:44:29.372340",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://jungo.com/windriver/versions/"
        },
        {
          "url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2024-001_en.pdf"
        },
        {
          "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-135-04"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2024-22104",
    "datePublished": "2024-07-02T00:00:00",
    "dateReserved": "2024-01-05T00:00:00",
    "dateUpdated": "2024-08-01T22:35:34.727Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-22104\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2024-07-02T15:15:11.227\",\"lastModified\":\"2024-07-08T14:17:26.540\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Out-of-Bounds Write vulnerability in Jungo WinDriver before 12.5.1 allows local attackers to cause a Windows blue screen error and Denial of Service (DoS).\"},{\"lang\":\"es\",\"value\":\"La vulnerabilidad de escritura fuera de los l\u00edmites en Jungo WinDriver anterior a 12.5.1 permite a atacantes locales provocar un error de pantalla azul de Windows y denegaci\u00f3n de servicio (DoS).\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-787\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-400\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jungo:windriver:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"12.5.1\",\"matchCriteriaId\":\"CD5769FE-170B-4FCC-9A2E-B487C2DAFB16\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mitsubishielectric:cpu_module_logging_configuration_tool:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"463EA623-0DC2-4287-A9AC-837CBDECF76C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mitsubishielectric:cw_configurator:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E798352C-E09B-4D18-B3A8-CFCDE0AD3675\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mitsubishielectric:data_transfer:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"21CC610A-0561-46A1-9077-D01D5C3F1A8F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mitsubishielectric:data_transfer_classic:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8B36ABBC-DB27-44D1-B844-00DFC3BBF043\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mitsubishielectric:ezsocket:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C6E4BC24-6583-4791-9ED9-D2D675187DCD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mitsubishielectric:fr_configurator_sw3:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D236ABC2-93E4-4428-B949-7E17945E4D98\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mitsubishielectric:fr_configurator2:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CED78B28-BBBF-4869-BC1C-F0789867FB4C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mitsubishielectric:genesis64:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0C79890F-0B41-4855-84EE-78D5896C87A1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mitsubishielectric:gt_got1000:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4400D339-BB12-414A-B891-B6105D7FCA39\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mitsubishielectric:gt_got2000:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6871A74E-8B92-4892-970F-757F404590CB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mitsubishielectric:gt_softgot1000:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"03DE7DE4-DC4B-40F3-BB22-B8E524081942\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mitsubishielectric:gt_softgot2000:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9F8037F0-C124-4EFB-AEA1-89441975D36F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mitsubishielectric:gx_developer:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9C37E74B-DA76-4E59-953E-C50D0D75804A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mitsubishielectric:gx_logviewer:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B0B195E2-6076-487C-899F-A40B886BA556\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mitsubishielectric:gx_works2:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6C4E7C31-D08D-487F-B7FF-9502783FFDB9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mitsubishielectric:gx_works3:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F4AEDEEE-5070-41E2-B4DC-6DE8456BC028\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mitsubishielectric:iq_works:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7097AFD0-5A8C-4C62-AAF7-16FB71DE210C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mitsubishielectric:mi_configurator:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A661B972-912C-4DAA-9518-CC01E0EB1A81\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mitsubishielectric:mr_configurator:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"76C1D9F0-48A8-4193-A781-B19ACE1B0B4B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mitsubishielectric:mr_configurator2:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9FB81A97-4BE8-4570-914F-304F38968613\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mitsubishielectric:mx_component:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE14782A-4AD2-4633-8A3A-D81D5C434046\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mitsubishielectric:mx_opc_server_da\\\\/ua:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4A1BABCB-EDD7-4B1D-AE49-77DD1A3CCB1C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mitsubishielectric:numerical_control_device_communication:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4F89B350-B20F-45A8-8809-E9776C319591\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mitsubishielectric:px_developer\\\\/monitor_tool:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2B10E09F-84F3-42E3-9B8D-DE309ED4A4B4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mitsubishielectric:rt_toolbox3:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7C12A1AA-66F0-452F-9B75-562F4A979CBD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mitsubishielectric:rt_visualbox:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"33A13944-145E-453E-A409-BE4A984619AA\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:mitsubishielectric:mrzjw3-mc2-utl_firmware:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A10A8E35-923F-483B-A924-441B78FFCF6D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mitsubishielectric:mrzjw3-mc2-utl:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"938DDBFF-A0CC-4311-9F30-08ABDBB67742\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:mitsubishielectric:sw0dnc-mneth-b_firmware:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FB49716D-8E0B-4E4C-B206-104BB64F6301\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mitsubishielectric:sw0dnc-mneth-b:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0C8B0237-9A91-4954-AFBE-E661467D842A\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:mitsubishielectric:sw1dnc-ccbd2-b_firmware:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4B3B0B5A-27F2-4E08-8B75-1EAAC4DC840D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mitsubishielectric:sw1dnc-ccbd2-b:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0B80AF0C-EFED-4CA0-B990-0ADA6F1D0AEE\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:mitsubishielectric:sw1dnc-ccief-j_firmware:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8B4348FF-8691-4832-9103-F46282924299\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mitsubishielectric:sw1dnc-ccief-j:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07737420-567D-49CC-9A9E-555038DFF0AA\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:mitsubishielectric:sw1dnc-ccief-b_firmware:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5D3A5D57-DB2C-429F-BB3F-8EB7F4767E1D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mitsubishielectric:sw1dnc-ccief-b:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FD4CA442-BC30-407E-851E-E03037E75E8D\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:mitsubishielectric:sw1dnc-mnetg-b_firmware:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9826969F-D449-4032-8A0B-050D7CC3B1AE\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mitsubishielectric:sw1dnc-mnetg-b:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"858F9CAA-E6D3-4F1D-923D-ED9E05C3AC54\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:mitsubishielectric:sw1dnc-qsccf-b_firmware:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"61A13AD1-22F7-4FFD-BCB7-A4FDAF2BA659\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mitsubishielectric:sw1dnc-qsccf-b:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"009853DA-ACAE-4928-AE90-090A3739BD39\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:mitsubishielectric:sw1dnd-emsdk-b_firmware:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"476C7885-89D2-4A6C-94FE-E06B55A23E37\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mitsubishielectric:sw1dnd-emsdk-b:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9DF10CF6-1C1D-4768-A349-1AEFD26F491A\"}]}]}],\"references\":[{\"url\":\"https://jungo.com/windriver/versions/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://www.cisa.gov/news-events/ics-advisories/icsa-24-135-04\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2024-001_en.pdf\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.