How severe is CVE-2024-33698?

This vulnerability has a severity rating of CRITICAL with a CVSS score of 9.8 out of 10.

What type of vulnerability is CVE-2024-33698?

This is classified as CWE-122, which is a common weakness in software security.

CVE-2024-33698

CRITICAL Year: 2024

CVSS v3 Score

9.8

Critical

Weakness Type

CWE-122

View all →

Vulnerability Description

A vulnerability has been identified in Opcenter Execution Foundation (All versions), Opcenter Quality (All versions), Opcenter RDL (All versions), SIMATIC PCS neo V4.0 (All versions), SIMATIC PCS neo V4.1 (All versions < V4.1 Update 2), SIMATIC PCS neo V5.0 (All versions < V5.0 Update 1), SINEC NMS (All versions), SINEMA Remote Connect Client (All versions < V3.2 SP3), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions < V17 Update 8), Totally Integrated Automation Portal (TIA Portal) V18 (All versions < V18 Update 5), Totally Integrated Automation Portal (TIA Portal) V19 (All versions < V19 Update 3). Affected products contain a heap-based buffer overflow vulnerability in the integrated UMC component. This could allow an unauthenticated remote attacker to execute arbitrary code.

CVE-2014-9187

CRITICAL

CVSS:9.8(Critical)

Multiple heap-based buffer overflow vulnerabilities exist in Honeywell Experion PKS all versions prior to R400.6, all versions prior to R410.6, and all versions prior to R430.2 modules, which could le...

CWE-1222014

CVE-2016-8622

CRITICAL

CVSS:9.8(Critical)

The URL percent-encoding decode function in libcurl before 7.51.0 is called `curl_easy_unescape`. Internally, even if this function would be made to allocate a unscape destination buffer larger than 2...

CWE-1222016

CVE-2017-7555

CRITICAL

CVSS:9.8(Critical)

Augeas versions up to and including 1.8.0 are vulnerable to heap-based buffer overflow due to improper handling of escaped strings. Attacker could send crafted strings that would cause the application...

CWE-1222017

CVE-2017-9636

CRITICAL

CVSS:9.8(Critical)

Mitsubishi E-Designer, Version 7.52 Build 344 contains five code sections which may be exploited to overwrite the heap. This can result in arbitrary code execution, compromised data integrity, denial ...

CWE-1222017

CVE-2018-10617

CRITICAL

CVSS:9.8(Critical)

Delta Electronics Delta Industrial Automation DOPSoft version 4.00.04 and prior utilizes a fixed-length heap buffer where a value larger than the buffer can be read from a .dpa file into the buffer, c...

CWE-1222018

CVE-2018-14618

CRITICAL

CVSS:9.8(Critical)

curl before version 7.61.1 is vulnerable to a buffer overrun in the NTLM authentication code. The internal function Curl_ntlm_core_mk_nt_hash multiplies the length of the password by two (SUM) to figu...

CWE-1222018

CVE-2024-33698

Vulnerability Description

Related Vulnerabilities

CVE-2014-9187

CVE-2016-8622

CVE-2017-7555

CVE-2017-9636

CVE-2018-10617

CVE-2018-14618