CVE-2024-50953
Published: 15 January 2025
Summary
CVE-2024-50953 is a high-severity Uncontrolled Resource Consumption (CWE-400) vulnerability. Its CVSS base score is 7.5 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Application or System Exploitation (T1499.004). The CVE is ranked in the top 45.2% of CVEs by exploit likelihood and is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SC-5 (Denial-of-service Protection) and SC-7 (Boundary Protection).
Deeper analysis
CVE-2024-50953 is a vulnerability affecting the XINJE XL5E-16T programmable logic controller (PLC) running firmware version V3.7.2a. The issue enables attackers to trigger a Denial of Service (DoS) condition by sending a crafted Modbus message to the device. It is classified under CWE-400 (Uncontrolled Resource Consumption) and carries a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H), indicating high severity primarily due to its impact on availability.
Any unauthenticated attacker with network access to the device can exploit this vulnerability. Exploitation requires low complexity and no user interaction or privileges, allowing remote attackers to send a specially crafted Modbus message that disrupts the PLC's operation, rendering it unavailable without affecting confidentiality or integrity.
Mitigation details are available in the referenced advisory at https://github.com/Curator-Kim/Vulnerability-mining/blob/master/XINJE%20XL5E-16T%20Modbus/XINJE%20XL5E-16T%20Modbus%20DoS.md, published alongside the CVE on 2025-01-15. No vendor patches or additional official guidance are specified in the available information.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-44588
Vulnerability details
An issue in XINJE XL5E-16T V3.7.2a allows attackers to cause a Denial of Service (DoS) via a crafted Modbus message.
- CWE(s): CWE-400 (Uncontrolled Resource Consumption)
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Crafted Modbus message exploits PLC software vulnerability to trigger application/system crash and DoS (CWE-400).
Mitigating Controls
Mitigating Controls (NIST 800-53 r5)
- Directly protects the PLC from denial-of-service attacks triggered by crafted Modbus messages causing uncontrolled resource consumption.
- Validates Modbus protocol inputs to reject crafted messages that exploit the vulnerability and lead to resource exhaustion.
- Monitors and controls network boundary traffic to block or detect unauthenticated crafted Modbus messages targeting the PLC.
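The input-validation and boundary controls above can be combined in a filtering proxy or firewall helper placed in front of the PLC. The following is an added example, not code from the advisory or the vendor: it assumes the device is reached over Modbus/TCP and that the process only needs read access, and the function name, unit-id allowlist and sample frames are constructed for illustration. The page does not describe the structure of the crafted message, so this shows generic fail-closed request validation rather than a signature for this CVE.

```python
import struct

MBAP_HEADER = struct.Struct(">HHHB")  # transaction id, protocol id, length, unit id
MAX_ADU = 260                         # Modbus/TCP maximum: 7-byte MBAP + 253-byte PDU
# Assumption: read-only access; value = maximum quantity the spec allows per request.
READ_LIMITS = {0x01: 2000, 0x02: 2000, 0x03: 125, 0x04: 125}


def check_request(frame: bytes, allowed_units=frozenset({1})):
    """Return (ok, reason) for one Modbus/TCP request ADU; anything unknown is rejected."""
    if len(frame) < MBAP_HEADER.size + 1:
        return False, "truncated"
    if len(frame) > MAX_ADU:
        return False, "oversized"
    _tid, proto, length, unit = MBAP_HEADER.unpack_from(frame)
    if proto != 0:
        return False, "protocol id not 0"
    # The length field counts the unit id plus the PDU: everything after byte 6.
    if length != len(frame) - 6:
        return False, "length mismatch"
    if unit not in allowed_units:
        return False, "unit id not allowed"
    function = frame[7]
    if function not in READ_LIMITS:
        return False, "function not allowed"
    data = frame[8:]
    if len(data) != 4:  # read requests carry exactly address + quantity
        return False, "bad pdu size"
    address, quantity = struct.unpack(">HH", data)
    if not 1 <= quantity <= READ_LIMITS[function]:
        return False, "quantity out of range"
    if address + quantity > 0x10000:
        return False, "address range overflow"
    return True, "ok"


# Constructed sample frames (hex), not taken from the advisory.
SAMPLES = {
    "read 10 holding registers": "00010000000601030000000a",
    "declared length 255, actual 6": "0001000000ff01030000000a",
    "quantity of zero": "000100000006010300000000",
    "write multiple registers": "0001000000090110000000010200ff",
}

if __name__ == "__main__":
    for name, hexframe in SAMPLES.items():
        print(f"{name}: {check_request(bytes.fromhex(hexframe))}")
```

Rejected frames should be dropped and logged with source address and reason, which gives the boundary-monitoring control its detection signal.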