CVE-2024-23601

CRITICAL Year: 2024
CVSS v3 Score
9.8
Critical
Weakness Type
CWE-345
View all →

Vulnerability Description

A code injection vulnerability exists in the scan_lib.bin functionality of AutomationDirect P3-550E 1.2.10.9. A specially crafted scan_lib.bin can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.

Related Vulnerabilities

CVE-2013-2167

CRITICAL
CVSS:9.8(Critical)

python-keystoneclient version 0.2.3 to 0.2.5 has middleware memcache signing bypass

CWE-3452013

CVE-2015-3956

CRITICAL
CVSS:9.8(Critical)

Hospira Plum A+ Infusion System version 13.4 and prior, Plum A+3 Infusion System version 13.6 and prior, and Symbiq Infusion System, version 3.13 and prior accept drug libraries, firmware updates, pum...

CWE-3452015

CVE-2016-1000004

CRITICAL
CVSS:9.8(Critical)

Insufficient type checks were employed prior to casting input data in SimpleXMLElement_exportNode and simplexml_import_dom. This issue affects HHVM versions prior to 3.9.5, all versions between 3.10.0...

CWE-3452016

CVE-2017-3198

CRITICAL
CVSS:9.8(Critical)

GIGABYTE BRIX UEFI firmware does not cryptographically validate images prior to updating the system firmware. Additionally, the firmware updates are served over HTTP. An attacker can make arbitrary mo...

CWE-3452017

CVE-2018-19971

CRITICAL
CVSS:9.8(Critical)

JFrog Artifactory Pro 6.5.9 has Incorrect Access Control.

CWE-3452018

CVE-2019-11235

CRITICAL
CVSS:9.8(Critical)

FreeRADIUS before 3.0.19 mishandles the "each participant verifies that the received scalar is within a range, and that the received group element is a valid point on the curve being used" protection ...

CWE-3452019