CVE-2024-23814

Summary

CVE-2024-23814 is a vulnerability affecting multiple SCALANCE WAB, WAM, WAM766, WUB, and WUM series devices, including WAB762-1, WAM763-1, WAM766-1, WUB762-1, and WUM763-1. These devices have versions prior to V3.0.0. The integrated ICMP service of the network stack on these devices is susceptible to memory exhaustion when processing specially crafted messages related to IP fragment re-assembly. An unauthenticated remote attacker can exploit this vulnerability, leading to a temporary denial-of-service (DoS) condition for the ICMP service. Other communication services remain unaffected, and normal device operation resumes once the attack terminates.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.