CVE-2024-43663

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Jan 9, 2025
CWE ID 121

Summary

CVE-2024-43663: High-severity buffer overflow vulnerabilities exist in various CGI binaries of Iocharger firmware for AC model chargers before version 24120701. These flaws can lead to segmentation faults and cause a 502 Bad Gateway error, though skilled attackers might exploit them for remote code execution. The vulnerabilities are reachable over the network (AV:N), require no additional security measures to be bypassed (AC:L), and require authentication (PR:L) but no user interaction (UI:N). The impact on availability is minimal (VC:N/VI:N/VA:L), and there is no impact on interconnected systems (SC:N/SI:N/SA:N). Although the charger handles significant power, this vulnerability does not pose a safety risk. Attacks can be automated (AU:Y).
