CVE-2024-46601
Published: 07 January 2025
Summary
CVE-2024-46601 is a high-severity Classic Buffer Overflow (CWE-120) vulnerability in Elspec-Ltd G5Dfr Firmware. Its CVSS base score is 7.5 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Application or System Exploitation (T1499.004). The CVE is ranked in the top 49.0% of CVEs by exploit likelihood and is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).
Deeper analysis
CVE-2024-46601 is a buffer overflow vulnerability (CWE-120) affecting Elspec Engineering G5 Digital Fault Recorder Firmware version 1.2.1.12. The issue was publicly disclosed on January 7, 2025, and carries a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H), indicating high severity primarily due to its potential for denial-of-service impacts.
An unauthenticated attacker with network access can exploit this vulnerability remotely with low complexity and without requiring user interaction. Successful exploitation triggers a buffer overflow, leading to high-impact availability disruption, such as device crashes or reboots, while confidentiality and integrity remain unaffected.
For mitigation details, refer to the vendor's security advisory at https://www.elspec-ltd.com/support/security-advisories/.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-42196
Vulnerability details
Elspec Engineering G5 Digital Fault Recorder Firmware v1.2.1.12 was discovered to contain a buffer overflow.
- CWE(s): CWE-120 (Classic Buffer Overflow)
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Buffer overflow in remotely accessible firmware directly enables endpoint DoS via application exploitation, matching T1499.004 with no other impacts or techniques indicated.
Mitigating Controls
Mitigating Controls (NIST 800-53 r5)
- Directly mitigates this buffer overflow vulnerability by requiring timely installation of vendor-provided patches or updates as referenced in the security advisory.
- Prevents buffer overflows by enforcing validation of all unauthenticated network inputs to ensure they do not exceed buffer capacities.
- Implements memory safeguards like stack canaries and non-executable memory to protect against exploitation of the buffer overflow leading to crashes.