Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') (CWE-120)
A buffer overflow vulnerability exists in the library "libclinkc" of the Zyxel VMG8825-T50K firmware version 5.50(ABOM.8)C0. This vulnerability could allow an unauthenticated attacker to cause denial of service (DoS) conditions by sending a crafted HTTP request to a vulnerable device.
The vulnerability allows an unauthenticated attacker to cause denial of service (DoS) conditions on affected Zyxel devices. This could lead to service disruptions and potentially impact the availability of network services provided by these devices. The attack can be initiated remotely over the network, requires no user interaction, and has a low attack complexity, making it relatively easy to exploit.
There is no evidence that a public proof-of-concept exists. There is no evidence of exploitation at the moment.
A patch is available. Zyxel has released firmware updates to address this vulnerability for multiple affected products. The security advisory with patch information was published on September 6, 2024.
1. Update affected Zyxel devices to the latest firmware versions as provided by the vendor.
2. For the VMG8825-T50K specifically, update to a firmware version newer than 5.50(ABOM.8.4)C0.
3. If immediate patching is not possible, implement network segmentation and access controls to limit exposure of vulnerable devices.
4. Monitor for unusual network activity or unexpected device behavior that could indicate exploitation attempts.
5. Consider implementing intrusion detection/prevention systems (IDS/IPS) to detect and block potential exploitation attempts.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
NVD published the first details for CVE-2024-5412
Feedly found the first article mentioning CVE-2024-5412.
Feedly estimated the CVSS score as HIGH
EPSS Score was set to: 0.05% (Percentile: 17.7%)