Cyber Resilience

CVE-2024-50953

HighDDoS

Published: 15 January 2025

Published
15 January 2025
Modified
15 April 2026
KEV Added
Patch
CVSS Score v3.1 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score 0.0031 54.8th percentile
Risk Priority 15 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2024-50953 is a high-severity Uncontrolled Resource Consumption (CWE-400) vulnerability. Its CVSS base score is 7.5 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Application or System Exploitation (T1499.004); ranked in the top 45.2% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SC-5 (Denial-of-service Protection) and SC-7 (Boundary Protection).

Deeper analysis

CVE-2024-50953 is a vulnerability affecting the XINJE XL5E-16T programmable logic controller (PLC) running firmware version V3.7.2a. The issue enables attackers to trigger a Denial of Service (DoS) condition by sending a crafted Modbus message to the device. It is classified under CWE-400 (Uncontrolled Resource Consumption) and carries a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H), indicating high severity primarily due to its impact on availability.

Any unauthenticated attacker with network access to the device can exploit this vulnerability. Exploitation requires low complexity and no user interaction or privileges, allowing remote attackers to send a specially crafted Modbus message that disrupts the PLC's operation, rendering it unavailable without affecting confidentiality or integrity.

Mitigation details are available in the referenced advisory at https://github.com/Curator-Kim/Vulnerability-mining/blob/master/XINJE%20XL5E-16T%20Modbus/XINJE%20XL5E-16T%20Modbus%20DoS.md, published alongside the CVE on 2025-01-15. No vendor patches or additional official guidance are specified in the available information.

EU & UK References

Vulnerability details

An issue in XINJE XL5E-16T V3.7.2a allows attackers to cause a Denial of Service (DoS) via a crafted Modbus message.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1499.004 Application or System Exploitation Impact
Adversaries may exploit software vulnerabilities that can cause an application or system to crash and deny availability to users.
Why these techniques?

Crafted Modbus message exploits PLC software vulnerability to trigger application/system crash and DoS (CWE-400).

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2024-56921Shared CWE-400
CVE-2026-33538Shared CWE-400
CVE-2026-0517Shared CWE-400
CVE-2026-6051Shared CWE-400
CVE-2026-21945Shared CWE-400
CVE-2026-33750Shared CWE-400
CVE-2024-33618Shared CWE-400
CVE-2025-69534Shared CWE-400
CVE-2025-29487Shared CWE-400
CVE-2025-9278Shared CWE-400

Affected Assets

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly protects the PLC from denial-of-service attacks triggered by crafted Modbus messages causing uncontrolled resource consumption.

prevent

Validates Modbus protocol inputs to reject crafted messages that exploit the vulnerability and lead to resource exhaustion.

preventdetect

Monitors and controls network boundary traffic to block or detect unauthenticated crafted Modbus messages targeting the PLC.

References