CVE-2024-8751 – Vulnerability in SICK MSC800
https://notcve.org/view.php?id=CVE-2024-8751
A vulnerability in the MSC800 allows an unauthenticated attacker to modify the product’s IP address over Sopas ET. This can lead to Denial of Service. Users are recommended to upgrade both MSC800 and MSC800 LFT to version V4.26 and S2.93.20 respectively which fixes this issue. • https://cdn.sick.com/media/docs/1/11/411/Special_information_CYBERSECURITY_BY_SICK_en_IM0084411.PDF https://sick.com/psirt https://www.cisa.gov/resources-tools/resources/ics-recommended-practices https://www.first.org/cvss/calculator/3.1 https://www.sick.com/.well-known/csaf/white/2024 • CWE-306: Missing Authentication for Critical Function •
CVE-2024-6077 – Rockwell Automation ControlLogix/GuardLogix 5580 and CompactLogix/Compact GuardLogix® 5380 Vulnerable to DoS vulnerability via CIP
https://notcve.org/view.php?id=CVE-2024-6077
A denial-of-service vulnerability exists in the Rockwell Automation affected products when specially crafted packets are sent to the CIP Security Object. • https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1963.html • CWE-20: Improper Input Validation •
CVE-2024-45383
https://notcve.org/view.php?id=CVE-2024-45383
A mishandling of IRP requests vulnerability exists in the HDAudBus_DMA interface of Microsoft High Definition Audio Bus Driver 10.0.19041.3636 (WinBuild.160101.0800). A specially crafted application can issue multiple IRP Complete requests which leads to a local denial-of-service. • https://github.com/SpiralBL0CK/CVE-2024-45383 https://talosintelligence.com/vulnerability_reports/TALOS-2024-2008 • CWE-664: Improper Control of a Resource Through its Lifetime •
CVE-2024-8124 – Inefficient Regular Expression Complexity in GitLab
https://notcve.org/view.php?id=CVE-2024-8124
An issue was discovered in GitLab CE/EE affecting all versions starting from 16.4 prior to 17.1.7, starting from 17.2 prior to 17.2.5, starting from 17.3 prior to 17.3.2 which could cause Denial of Service via sending a specific POST request. • https://gitlab.com/gitlab-org/gitlab/-/issues/480533 https://hackerone.com/reports/2634880 • CWE-1333: Inefficient Regular Expression Complexity •
CVE-2024-45825 – 5015-U8IHFT Denial-of-Service Vulnerability via CIP Message
https://notcve.org/view.php?id=CVE-2024-45825
CVE-2024-45825 IMPACT A denial-of-service vulnerability exists in the affected products. The vulnerability occurs when a malformed CIP packet is sent over the network to the device and results in a major nonrecoverable fault causing a denial-of-service. • https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1699.html • CWE-20: Improper Input Validation •