CVE-2024-6199

An unauthenticated attacker on the WAN interface, with the ability to intercept Dynamic DNS (DDNS) traffic between DDNS services and the modem, could manipulate specific responses to include code that forces a buffer overflow on the modem. Customers that have not enabled Dynamic DNS on their modem are not vulnerable.

CVSS

No CVSS.

References

Link	Resource
https://www.onekey.com/resource/security-advisory-rce-on-viasat-modems-cve-2024-6199

Configurations

No configuration.

History

29 Apr 2025, 13:52

Type	Values Removed	Values Added
Summary		(es) Un atacante no autenticado en la interfaz WAN, capaz de interceptar el tráfico de DNS dinámico (DDNS) entre los servicios DDNS y el módem, podría manipular respuestas específicas para incluir código que provoque un desbordamiento de búfer en el módem. Los clientes que no tienen habilitado el DNS dinámico en su módem no son vulnerables.

25 Apr 2025, 13:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-04-25 13:15

Updated : 2025-04-29 13:52

NVD link : CVE-2024-6199

Mitre link : CVE-2024-6199

CVE.ORG link : CVE-2024-6199

JSON object : View

Products Affected

No product.

CWE

CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

{"id": "CVE-2024-6199", "cveTags": [], "metrics": {"cvssMetricV40": [{"type": "Secondary", "source": "research@onekey.com", "cvssData": {"Safety": "NEGLIGIBLE", "version": "4.0", "Recovery": "USER", "baseScore": 7.7, "Automatable": "NO", "attackVector": "ADJACENT", "baseSeverity": "HIGH", "valueDensity": "DIFFUSE", "vectorString": "CVSS:4.0/AV:A/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:N/R:U/V:D/RE:M/U:Red", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "RED", "userInteraction": "NONE", "attackComplexity": "HIGH", "attackRequirements": "PRESENT", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "MODERATE", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2025-04-25T13:15:43.510", "references": [{"url": "https://www.onekey.com/resource/security-advisory-rce-on-viasat-modems-cve-2024-6199", "source": "research@onekey.com"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "research@onekey.com", "description": [{"lang": "en", "value": "CWE-120"}]}], "descriptions": [{"lang": "en", "value": "An unauthenticated attacker on the WAN interface, with the ability to intercept Dynamic DNS (DDNS) traffic between DDNS\u00a0services and the modem, could manipulate specific responses to include code that forces a buffer overflow on the modem.\n\nCustomers that have not enabled Dynamic DNS on their modem are not vulnerable."}, {"lang": "es", "value": "Un atacante no autenticado en la interfaz WAN, capaz de interceptar el tr\u00e1fico de DNS din\u00e1mico (DDNS) entre los servicios DDNS y el m\u00f3dem, podr\u00eda manipular respuestas espec\u00edficas para incluir c\u00f3digo que provoque un desbordamiento de b\u00fafer en el m\u00f3dem. Los clientes que no tienen habilitado el DNS din\u00e1mico en su m\u00f3dem no son vulnerables."}], "lastModified": "2025-04-29T13:52:28.490", "sourceIdentifier": "research@onekey.com"}