CVE-2024-3506 Vulnerability Details

  /     /     /  

CVE-2024-3506 Metadata Quick Info

CVE Published: 08/10/2024 | CVE Updated: 08/10/2024 | CVE Year: 2024
Source: Milestone | Vendor: Milestone Systems | Product: XProtect VMS
Status : PUBLISHED

---

CVE-2024-3506 Description

A possible buffer overflow in selected cameras\' drivers from XProtect Device Pack can allow an attacker with access to internal network to execute commands on Recording Server under strict conditions.

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID: CWE-120
CWE Name: CWE-120 Buffer Copy without Checking Size of Input ( Classic Buffer Overflow )
Source: Milestone Systems

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID: CAPEC-100
CAPEC Description: CAPEC-100 Overflow Buffers


Source: NVD (National Vulnerability Database).