Published:2024/04/04  Last Updated:2024/04/04

JVNVU#94016877
Multiple vulnerabilities in Cente middleware

Overview

Some products in Cente middleware TCP/IP Network Series developed by DMG MORI Digital Co., LTD. and provided by NEXT Co., Ltd. contain multiple vulnerabilities.

Products Affected

CVE-2024-23911, CVE-2024-28894

  • Cente IPv6 Ver.1.51 and earlier
  • Cente IPv6 SNMPv2 Ver.2.30 and earlier
  • Cente IPv6 SNMPv3 Ver.2.30 and earlier
CVE-2024-28957
  • Cente TCP/IPv4 Ver.1.41 and earlier
  • Cente TCP/IPv4 SNMPv2 Ver.2.30 and earlier
  • Cente TCP/IPv4 SNMPv3 Ver.2.30 and earlier
  • Cente IPv6 Ver.1.51 and earlier
  • Cente IPv6 SNMPv2 Ver.2.30 and earlier
  • Cente IPv6 SNMPv3 Ver.2.30 and earlier

Description

Some products in Cente middleware TCP/IP Network Series developed by DMG MORI Digital Co., LTD. and provided by NEXT Co., Ltd. contain multiple vulnerabilities listed below.

  • Out-of-bounds Read caused by improper checking of the option length values in IPv6 NDP packets (CWE-125)
    • CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Base Score 5.3
    • CVE-2024-23911
  • Out-of-bounds Read caused by improper checking of the option length values in IPv6 headers (CWE-125)
    • CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Base Score 5.3
    • CVE-2024-28894
  • Generation of Predictable Identifiers (CWE-340)
    • CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Base Score 5.3
    • CVE-2024-28957

Impact

  • An unauthenticated attacker may stop the device operations by sending a specially crafted packet (CVE-2024-23911, CVE-2024-28894)
  • An unauthenticated attacker may interfere communications by predicting some packet header IDs of the device (CVE-2024-28957)

Solution

Update the middleware
Update the middleware to the latest version according to the information provided by the developer.

References

JPCERT/CC Addendum

Vulnerability Analysis by JPCERT/CC

Credit

DMG MORI Digital Co., LTD. reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN.

Other Information

JPCERT Alert
JPCERT Reports
CERT Advisory
CPNI Advisory
TRnotes
CVE CVE-2024-23911
CVE-2024-28894
CVE-2024-28957
JVN iPedia