CVE-2024-7490
Published: 08 August 2024
Summary
CVE-2024-7490 is a critical-severity Classic Buffer Overflow (CWE-120) vulnerability in Microchip Advanced Software Framework. Its CVSS base score is 9.5 (Critical).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation of Remote Services (T1210); ranked in the top 6.1% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
Deeper analysis
The vulnerability is an improper input validation flaw, tracked as CWE-120, in the example DHCP server implementation within Microchip Technology's Advanced Software Framework. It resides in tinydhcpserver.C and the lwip_dhcp_find_option routine, enabling a buffer overflow that can result in remote code execution. The issue affects all versions of ASF through 3.52.0.2574 and carries a CVSS 4.0 score of 9.5.
An unauthenticated attacker can exploit the flaw remotely over the network by sending crafted DHCP traffic that triggers the overflow, achieving arbitrary code execution with high impact to confidentiality, integrity, and availability on affected systems.
Microchip states that ASF is no longer supported and directs users to apply the workaround referenced in the advisory or migrate to a maintained framework; additional details appear in the associated CERT vulnerability note at kb.cert.org. The EPSS score remains flat at 0.1173 with no reported real-world exploitation to date.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-48404
Vulnerability details
Improper Input Validation vulnerability in Microchip Techology Advanced Software Framework example DHCP server can cause remote code execution through a buffer overflow. This vulnerability is associated with program files tinydhcpserver.C and program routines lwip_dhcp_find_option. This issue affects Advanced Software Framework:…
more
through 3.52.0.2574. ASF is no longer being supported. Apply provided workaround or migrate to an actively maintained framework.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
The stack-based buffer overflow in the ASF tinydhcp server allows unauthenticated remote code execution via a specially crafted DHCP request packet, directly enabling Exploitation of Remote Services (T1210).
Affected Assets
Mitigating Controls
Likely Mitigating Controls AI
Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.
Platform-independent managed code eliminates the need for unchecked native buffer copies that are the root cause of classic buffer overflows.