Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') (CWE-120)
An Improper Input Validation vulnerability has been identified in Microchip Technology's Advanced Software Framework (ASF) example DHCP server. This vulnerability can lead to a buffer overflow, potentially resulting in remote code execution. The issue is specifically associated with the program file tinydhcpserver.C and the program routine lwip_dhcp_find_option. This vulnerability affects Advanced Software Framework versions through 3.52.0.2574.
This vulnerability has a critical severity with a CVSS v4 base score of 9.5. The potential impacts are severe:

1. Remote Code Execution: Attackers can potentially execute arbitrary code on the affected system remotely.
2. Confidentiality Breach: The vulnerability allows for high impact on the vulnerable system's confidentiality.
3. Integrity Compromise: There is a high risk to the integrity of the vulnerable system.
4. Availability Impact: The vulnerability poses a high risk to the availability of the vulnerable system.
5. Subsequent System Effects: The vulnerability can have high impacts on the confidentiality, integrity, and availability of subsequent systems.

Given the network attack vector and low attack complexity, this vulnerability could be easily exploited by remote attackers without requiring user interaction or privileges.
There is no evidence that a public proof-of-concept exists. There is no evidence of proof of exploitation at the moment.
As of the latest information provided, a patch is not explicitly mentioned. However, the vulnerability affects Advanced Software Framework versions through 3.52.0.2574. It is crucial to check for updates from Microchip Technology for versions newer than 3.52.0.2574 that may address this vulnerability.
While waiting for a patch, consider the following mitigation strategies:

1. Network Segmentation: Isolate systems running the vulnerable DHCP server example from untrusted networks.
2. Access Control: Implement strict access controls to limit exposure of the vulnerable systems.
3. Input Validation: If possible, implement additional input validation for DHCP requests before they reach the vulnerable component.
4. Monitoring: Enhance monitoring for unusual activities or potential exploitation attempts targeting DHCP services.
5. Alternative Solutions: Consider using alternative DHCP server implementations until a patch is available.
6. Version Control: Ensure all instances of the Advanced Software Framework are identified and their versions are known to facilitate rapid patching when available.

Given the critical severity, it is strongly recommended to prioritize addressing this vulnerability in your patching and remediation efforts.
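One way to apply the input-validation mitigation is a bounds-checked option lookup that rejects malformed DHCP requests before any option is copied. This is an added example, not code from Microchip's ASF and not a reproduction of the affected routine; the names dhcp_find_option_checked, dhcp_copy_option and build_sample are hypothetical, and the packet layout (236-byte header, magic cookie, code/length/value options) is assumed from RFC 2131 and RFC 2132.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define DHCP_OPTS_OFF 240u  /* 236-byte BOOTP header + 4-byte magic cookie */
static const uint8_t DHCP_COOKIE[4] = { 0x63, 0x82, 0x53, 0x63 };

/* Hypothetical helper: return a pointer to the payload of option `code` and
 * store its length in *out_len. NULL if absent or if an option overruns. */
const uint8_t *dhcp_find_option_checked(const uint8_t *pkt, size_t pkt_len,
                                        uint8_t code, uint8_t *out_len)
{
    size_t i = DHCP_OPTS_OFF;
    if (pkt == NULL || out_len == NULL || pkt_len < DHCP_OPTS_OFF ||
        memcmp(pkt + 236, DHCP_COOKIE, sizeof DHCP_COOKIE) != 0)
        return NULL;
    while (i < pkt_len) {
        uint8_t opt = pkt[i];
        if (opt == 255) return NULL;             /* END: option not present */
        if (opt == 0) { i++; continue; }         /* PAD has no length byte */
        if (pkt_len - i < 2) return NULL;        /* length byte is missing */
        uint8_t len = pkt[i + 1];
        if (pkt_len - i - 2 < len) return NULL;  /* payload overruns packet */
        if (opt == code) { *out_len = len; return pkt + i + 2; }
        i += 2u + (size_t)len;
    }
    return NULL;                                 /* no END option was seen */
}

/* Copy option `code` into dst only if it fits; returns its length or -1. */
int dhcp_copy_option(const uint8_t *pkt, size_t pkt_len, uint8_t code,
                     uint8_t *dst, size_t dst_cap)
{
    uint8_t len = 0;
    const uint8_t *p = dhcp_find_option_checked(pkt, pkt_len, code, &len);
    if (p == NULL || (size_t)len > dst_cap) return -1;
    memcpy(dst, p, len);
    return (int)len;
}

/* Constructed sample: header, cookie, one option whose length byte may lie. */
size_t build_sample(uint8_t *buf, uint8_t code, uint8_t declared, size_t actual)
{
    memset(buf, 0, DHCP_OPTS_OFF);
    memcpy(buf + 236, DHCP_COOKIE, sizeof DHCP_COOKIE);
    buf[240] = code; buf[241] = declared;
    memset(buf + 242, 'A', actual);
    buf[242 + actual] = 255;                     /* END option */
    return 243 + actual;
}
```

The two rejections to watch are a declared option length that exceeds the bytes actually received and a well-formed option that is larger than the destination buffer; both return -1 without copying.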
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
NVD published the first details for CVE-2024-7490
A CVSS base score of 9.5 has been assigned.
Feedly found the first article mentioning CVE-2024-7490.
Feedly estimated the CVSS score as HIGH
CVE-2024-7490 is a critical vulnerability that has been mentioned in the first article found by Feedly. It is currently being exploited in the wild by threat actors, with proof-of-concept exploits available. Mitigations, detections, and patches are not yet available, posing potential downstream impacts to other third-party vendors and technologies.
A CVSS base score of 9.8 has been assigned.
This CVE started to trend in security discussions
This CVE stopped trending in security discussions