CVE-2024-38268

Improper Restriction of Operations within the Bounds of a Memory Buffer (CWE-119)

Published: Sep 24, 2024 / Updated: 57d ago

010
CVSS 4.9EPSS 0.04%Medium
CVE info copied to clipboard

Summary

An improper restriction of operations within the bounds of a memory buffer in the MAC address parser of the Zyxel VMG8825-T50K firmware versions through 5.50(ABOM.8)C0 could allow an authenticated attacker with administrator privileges to cause potential memory corruptions, resulting in a thread crash on an affected device.

Impact

This vulnerability could lead to a thread crash on affected devices, potentially causing a denial of service. The attack requires network access and administrator privileges, limiting its scope but still posing a significant risk to system availability.

Exploitation

There is no evidence that a public proof-of-concept exists. There is no evidence of proof of exploitation at the moment.

Patch

A patch is available. Zyxel has released updated firmware versions for the affected devices.

Mitigation

1. Update the firmware of affected Zyxel devices to versions newer than those specified in the vulnerability description. 2. Limit network access to the device's management interface. 3. Ensure that administrator credentials are strong and not easily guessable. 4. Monitor for unusual activity or crashes on affected devices. 5. If immediate patching is not possible, consider additional network segmentation to isolate vulnerable devices.

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Timeline

First Article

Feedly found the first article mentioning CVE-2024-38268. See article

Sep 24, 2024 at 1:43 AM / Zyxel
CVSS Estimate

Feedly estimated the CVSS score as HIGH

Sep 24, 2024 at 1:43 AM
CVE Assignment

NVD published the first details for CVE-2024-38268

Sep 24, 2024 at 2:15 AM
CVSS

A CVSS base score of 4.9 has been assigned.

Sep 24, 2024 at 2:20 AM / nvd
CVSS Estimate

Feedly estimated the CVSS score as MEDIUM

Sep 24, 2024 at 2:31 AM
EPSS

EPSS Score was set to: 0.04% (Percentile: 14.1%)

Sep 24, 2024 at 9:33 AM
Static CVE Timeline Graph

Affected Systems

Zyxel/vmg3927-t50k_firmware
+null more

Patches

www.zyxel.com
+null more

Attack Patterns

CAPEC-10: Buffer Overflow via Environment Variables
+null more

References

Zyxel security advisory for post-authentication memory corruption vulnerabilities in some...
An improper restriction of operations within the bounds of a memory buffer in the IPv6 address parser of some DSL/Ethernet CPE, fiber ONT, WiFi extender, and security router versions could allow an authenticated attacker with administrator privileges to cause potential memory corruptions, resulting in a thread crash on an affected device. An improper restriction of operations within the bounds of a memory buffer in the MAC address parser of some DSL/Ethernet CPE, fiber ONT, WiFi extender, and security router versions could allow an authenticated attacker with administrator privileges to cause potential memory corruptions, resulting in a thread crash on an affected device.

News

CVE Alert: CVE-2024-38268 - https://www. redpacketsecurity.com/cve_aler t_cve-2024-38268/ # OSINT # ThreatIntel # CyberSecurity # cve_2024_38268
[CERT-daily] Tageszusammenfassung - 24.09.2024
https://www.bleepingcomputer.com/news/security/new-mallox-ransomware-linux-variant-based-on-leaked-kryptina-code/ https://www.bleepingcomputer.com/news/security/new-octo-android-malware-version-impersonates-nordvpn-google-chrome/
Multiple vulnerabilities in Zyxel products
The vulnerability allows a remote user to perform a denial of service (DoS) attack. The vulnerability allows a remote user to perform a denial of service (DoS) attack.
Zyxel security advisory for post-authentication memory corruption vulnerabilities in some...
An improper restriction of operations within the bounds of a memory buffer in the IPv6 address parser of some DSL/Ethernet CPE, fiber ONT, WiFi extender, and security router versions could allow an authenticated attacker with administrator privileges to cause potential memory corruptions, resulting in a thread crash on an affected device. An improper restriction of operations within the bounds of a memory buffer in the MAC address parser of some DSL/Ethernet CPE, fiber ONT, WiFi extender, and security router versions could allow an authenticated attacker with administrator privileges to cause potential memory corruptions, resulting in a thread crash on an affected device.
CVE-2024-38268 | Zyxel VMG8825-T50K up to 5.50(ABOM.8)C0 MAC Address Parser memory corruption
A vulnerability was found in Zyxel VMG8825-T50K up to 5.50(ABOM.8)C0 and classified as critical . This issue affects some unknown processing of the component MAC Address Parser . The manipulation leads to memory corruption. The identification of this vulnerability is CVE-2024-38268 . The attack may be initiated remotely. There is no exploit available.
See 5 more articles and social media posts

CVSS V3.1

Attack Vector:Network
Attack Complexity:Low
Privileges Required:High
User Interaction:None
Scope:Unchanged
Confidentiality:None
Integrity:None
Availability Impact:High

Categories

Be the first to know about critical vulnerabilities

Collect, analyze, and share vulnerability reports faster using AI