Published: 2024/04/04 Last Updated: 2024/04/04
JVNVU#94016877
Multiple vulnerabilities in Cente middleware
Overview
Some products in Cente middleware TCP/IP Network Series developed by DMG MORI Digital Co., LTD. and provided by NEXT Co., Ltd. contain multiple vulnerabilities.
Products Affected
CVE-2024-23911, CVE-2024-28894
- Cente IPv6 Ver.1.51 and earlier
- Cente IPv6 SNMPv2 Ver.2.30 and earlier
- Cente IPv6 SNMPv3 Ver.2.30 and earlier
- Cente TCP/IPv4 Ver.1.41 and earlier
- Cente TCP/IPv4 SNMPv2 Ver.2.30 and earlier
- Cente TCP/IPv4 SNMPv3 Ver.2.30 and earlier
- Cente IPv6 Ver.1.51 and earlier
- Cente IPv6 SNMPv2 Ver.2.30 and earlier
- Cente IPv6 SNMPv3 Ver.2.30 and earlier
Description
Some products in Cente middleware TCP/IP Network Series developed by DMG MORI Digital Co., LTD. and provided by NEXT Co., Ltd. contain multiple vulnerabilities listed below.
- Out-of-bounds Read caused by improper checking of the option length values in IPv6 NDP packets (CWE-125)
  - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Base Score 5.3
  - CVE-2024-23911
- Out-of-bounds Read caused by improper checking of the option length values in IPv6 headers (CWE-125)
  - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Base Score 5.3
  - CVE-2024-28894
- Generation of Predictable Identifiers (CWE-340)
  - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Base Score 5.3
  - CVE-2024-28957
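The advisory does not publish the affected code, so the following is an added example of the check this bug class calls for, not code from Cente or from JVN. It walks the option area of a Neighbor Discovery message using the option layout from RFC 4861 (1-byte Type, 1-byte Length in units of 8 octets) and rejects any option whose declared length is zero or exceeds the received data; the function name and the sample bytes are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* RFC 4861 section 4.6: each NDP option begins with Type (1 byte) and
 * Length (1 byte). Length counts units of 8 octets, including these two
 * header bytes. A Length of 0 is invalid and the packet must be dropped. */
#define NDP_OPT_HDR_LEN 2u
#define NDP_OPT_UNIT    8u

/* Hypothetical helper (not a Cente API): returns the number of well-formed
 * options, or -1 if any option is truncated, zero-length, or overruns. */
int ndp_count_options(const uint8_t *opts, size_t opts_len)
{
    size_t off = 0;
    int count = 0;

    while (off < opts_len) {
        /* Both header bytes must be present before Length is read. */
        if (opts_len - off < NDP_OPT_HDR_LEN)
            return -1;
        size_t opt_len = (size_t)opts[off + 1] * NDP_OPT_UNIT;
        /* Zero would never advance; too large would read past the buffer. */
        if (opt_len == 0 || opt_len > opts_len - off)
            return -1;
        off += opt_len;
        count++;
    }
    return count;
}

/* Constructed sample option areas, not captured traffic. */
static const uint8_t sample_ok[] = {          /* SLLA option + MTU option */
    1, 1, 0x02, 0x00, 0x5e, 0x10, 0x00, 0x01,
    5, 1, 0x00, 0x00, 0x00, 0x00, 0x05, 0xdc };
static const uint8_t sample_overrun[] = {     /* claims 32 bytes, has 8 */
    1, 4, 0x02, 0x00, 0x5e, 0x10, 0x00, 0x01 };
static const uint8_t sample_zero[] = { 1, 0, 0, 0, 0, 0, 0, 0 };

int main(void)
{
    printf("ok:      %d\n", ndp_count_options(sample_ok, sizeof sample_ok));
    printf("overrun: %d\n", ndp_count_options(sample_overrun, sizeof sample_overrun));
    printf("zero:    %d\n", ndp_count_options(sample_zero, sizeof sample_zero));
    return 0;
}
```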
Impact
- An unauthenticated attacker may stop the device operations by sending a specially crafted packet (CVE-2024-23911, CVE-2024-28894)
- An unauthenticated attacker may interfere with communications by predicting some packet header IDs of the device (CVE-2024-28957)
Solution
Update the middleware
Update the middleware to the latest version according to the information provided by the developer.
Credit
DMG MORI Digital Co., LTD. reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN.
Other Information
- CVE: CVE-2024-23911, CVE-2024-28894, CVE-2024-28957