CVE-2024-5000 — Vulnetix

Try Vulnetix Request Demo

CVE-2024-5000 PUBLISHED CVSS 8.800000190734863 HIGH

The OPC UA stack, implemented by the CmpOPCUAStack component, is an optional part of the runtime system. Both the OPC UA Server and the OPC UA Client of the runtime system use the OPC UA Stack as a common implementation. The OPC UA protocol enables data exchange between the runtime system and OPC UA clients such as SCADA or HMIs, or OPC UA servers such as PLCs or other devices. If a runtime system containing the CmpOPCUAStack component receives a specially crafted request/response, the required buffer size in the OPC UA server/client may be incorrectly calculated. This can lead to a crash of the runtime system during the subsequent initialization of the receive buffer with zero. An attacker can exploit this vulnerability by using a malicious OPC UA client to send a crafted request to the AC500 V3 PLC with an affected OPC UA server. Conversely, AC500 V3 PLCs with an affected OPC UA client can be crashed if they have connected to a malicious OPC UA server. The runtime systems usually contain both the OPC UA client and the server.

EPSS 1.18% · 78.6th percentile

Risk Scores

CVSS v3.1

8.800000190734863

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS Score

1.18%

78.6th percentile

Affected Products

Vendor	Product	Versions
ABB	AC500 V3 products (PM5xxx) < 3.8.0

Timeline

Jun 3, 2024 CVE Published
Jun 5, 2024 EPSS Score
Jun 28, 2024 EPSS Score
Jul 20, 2024 EPSS Score
Aug 12, 2024 EPSS Score
Sep 4, 2024 EPSS Score
Sep 26, 2024 EPSS Score
Oct 5, 2024 Coalition ESS Score
Oct 19, 2024 EPSS Score
Nov 11, 2024 EPSS Score
Dec 4, 2024 EPSS Score
Dec 27, 2024 EPSS Score

References

Open in Interactive Console →