VDB
CVE-2024-37039
CVE-2024-37039
PUBLISHED
CVSS 5.900000095367432 MEDIUM
CWE-252: Unchecked Return Value vulnerability exists that could cause denial of service of the device when an attacker sends a specially crafted HTTP request.
EPSS 0.77% · 73.9th percentile
Risk Scores
CVSS 3.1
5.900000095367432
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
0.77%
73.9th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Schneider Electric | Sage 2400 | Versions C3414-500-S02K5_P8 and prior, * |
| Schneider Electric | Sage 1430 | Versions C3414-500-S02K5_P8 and prior, Versions C3414-500-S02K5_P8 and prior |
| Schneider Electric | Sage 1410 | Versions C3414-500-S02K5_P8 and prior, Versions C3414-500-S02K5_P8 and prior |
| schneider-electric | sage_4400 | 0, 0 |
| Schneider Electric | Sage 4400 | Versions C3414-500-S02K5_P8 and prior, Versions C3414-500-S02K5_P8 and prior |
| Schneider Electric | Sage 3030 Magnum | Versions C3414-500-S02K5_P8 and prior, Versions C3414-500-S02K5_P8 and prior |
| Schneider Electric | Sage 1450 | *, Versions C3414-500-S02K5_P8 and prior |
| schneider-electric | sage_rtu_firmware | 0, 0, 0 |
Timeline
- Jun 11, 2024 CVE Published
- Jun 13, 2024 EPSS Score
- Jul 6, 2024 EPSS Score
- Jul 29, 2024 EPSS Score
- Aug 21, 2024 EPSS Score
- Sep 13, 2024 EPSS Score
- Oct 4, 2024 Coalition ESS Score
- Oct 6, 2024 EPSS Score
- Oct 29, 2024 EPSS Score
- Nov 21, 2024 EPSS Score
- Dec 14, 2024 EPSS Score
- Jan 6, 2025 EPSS Score
References
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-163-02&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2024-163-02.pdf advisory
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-163-01&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2024-163-01.pdf advisory
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-163-03&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2024-163-03.pdf advisory
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-163-05&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2024-163-05.pdf advisory
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-163-04&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2024-163-04.pdf advisory
- https://nvd.nist.gov/vuln/detail/CVE-2024-37039 advisory