How severe is CVE-2024-49775?

This vulnerability has a severity rating of CRITICAL with a CVSS score of 9.8 out of 10.

What type of vulnerability is CVE-2024-49775?

This is classified as CWE-122, which is a common weakness in software security.

CVE-2024-49775

CRITICAL Year: 2024

CVSS v3 Score

9.8

Critical

Weakness Type

CWE-122

View all →

Vulnerability Description

A vulnerability has been identified in Opcenter Execution Foundation (All versions), Opcenter Intelligence (All versions), Opcenter Quality (All versions), Opcenter RDL (All versions), SIMATIC PCS neo V4.0 (All versions), SIMATIC PCS neo V4.1 (All versions < V4.1 Update 3), SIMATIC PCS neo V5.0 (All versions < V5.0 Update 1), SINEC NMS (All versions if operated in conjunction with UMC < V2.15), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions), Totally Integrated Automation Portal (TIA Portal) V18 (All versions), Totally Integrated Automation Portal (TIA Portal) V19 (All versions). Affected products contain a heap-based buffer overflow vulnerability in the integrated UMC component. This could allow an unauthenticated remote attacker to execute arbitrary code.

CVE-2014-9187

CRITICAL

CVSS:9.8(Critical)

Multiple heap-based buffer overflow vulnerabilities exist in Honeywell Experion PKS all versions prior to R400.6, all versions prior to R410.6, and all versions prior to R430.2 modules, which could le...

CWE-1222014

CVE-2016-8622

CRITICAL

CVSS:9.8(Critical)

The URL percent-encoding decode function in libcurl before 7.51.0 is called `curl_easy_unescape`. Internally, even if this function would be made to allocate a unscape destination buffer larger than 2...

CWE-1222016

CVE-2017-7555

CRITICAL

CVSS:9.8(Critical)

Augeas versions up to and including 1.8.0 are vulnerable to heap-based buffer overflow due to improper handling of escaped strings. Attacker could send crafted strings that would cause the application...

CWE-1222017

CVE-2017-9636

CRITICAL

CVSS:9.8(Critical)

Mitsubishi E-Designer, Version 7.52 Build 344 contains five code sections which may be exploited to overwrite the heap. This can result in arbitrary code execution, compromised data integrity, denial ...

CWE-1222017

CVE-2018-10617

CRITICAL

CVSS:9.8(Critical)

Delta Electronics Delta Industrial Automation DOPSoft version 4.00.04 and prior utilizes a fixed-length heap buffer where a value larger than the buffer can be read from a .dpa file into the buffer, c...

CWE-1222018

CVE-2018-14618

CRITICAL

CVSS:9.8(Critical)

curl before version 7.61.1 is vulnerable to a buffer overrun in the NTLM authentication code. The internal function Curl_ntlm_core_mk_nt_hash multiplies the length of the password by two (SUM) to figu...

CWE-1222018

CVE-2024-49775

Vulnerability Description

Related Vulnerabilities

CVE-2014-9187

CVE-2016-8622

CVE-2017-7555

CVE-2017-9636

CVE-2018-10617

CVE-2018-14618