Incorrect Calculation of Buffer Size (CWE-131) in the Controller 6000 and Controller 7000 OSDP message handling, allows an attacker with physical access to Controller wiring to instigate a reboot leading to a denial of service.
This issue affects: Controller 6000 and Controller 7000 9.10 prior to vCR9.10.240816a (distributed in 9.10.1530 (MR2)), 9.00 prior to vCR9.00.240816a (distributed in 9.00.2168 (MR4)), 8.90 prior to vCR8.90.240816a (distributed in 8.90.2155 (MR5)), 8.80 prior to vCR8.80.240816b (distributed in 8.80.1938 (MR6)), all versions of 8.70 and prior.
Metrics
Affected Vendors & Products
References
History
Wed, 11 Sep 2024 14:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Wed, 11 Sep 2024 04:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | Incorrect Calculation of Buffer Size (CWE-131) in the Controller 6000 and Controller 7000 OSDP message handling, allows an attacker with physical access to Controller wiring to instigate a reboot leading to a denial of service. This issue affects: Controller 6000 and Controller 7000 9.10 prior to vCR9.10.240816a (distributed in 9.10.1530 (MR2)), 9.00 prior to vCR9.00.240816a (distributed in 9.00.2168 (MR4)), 8.90 prior to vCR8.90.240816a (distributed in 8.90.2155 (MR5)), 8.80 prior to vCR8.80.240816b (distributed in 8.80.1938 (MR6)), all versions of 8.70 and prior. | |
Weaknesses | CWE-131 | |
References |
| |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: Gallagher
Published: 2024-09-11T04:03:50.955Z
Updated: 2024-09-11T13:36:30.656Z
Reserved: 2024-08-28T02:46:11.085Z
Link: CVE-2024-39808
Vulnrichment
Updated: 2024-09-11T13:36:26.284Z
NVD
Status : Awaiting Analysis
Published: 2024-09-11T04:15:05.597
Modified: 2024-09-11T16:26:11.920
Link: CVE-2024-39808
Redhat
No data.