CVE-2024-6918

CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability exists that could cause a crash of the Accutech Manager when receiving a specially crafted request over port 2536/TCP.

CVSS v3 7.5 HIGH

7.5^/10

CVSS v3 : HIGH

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-226-01&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2024-226-01.pdf

Configurations

No configuration.

History

15 Apr 2026, 00:35

Type	Values Removed	Values Added
Summary		(es) CWE-120: Existe una vulnerabilidad de copia del búfer sin verificar el tamaño de la entrada ('Desbordamiento del búfer clásico') que podría provocar un bloqueo de Accutech Manager al recibir una solicitud especialmente manipulada a través del puerto 2536/TCP.

20 Aug 2024, 13:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-08-20 13:15

Updated : 2026-06-17 08:18

NVD link : CVE-2024-6918

Mitre link : CVE-2024-6918

CVE.ORG link : CVE-2024-6918

JSON object : View

Products Affected

No product.

CWE

CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

{"id": "CVE-2024-6918", "cveTags": [], "metrics": {"ssvcV203": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "ssvcData": {"id": "CVE-2024-6918", "role": "CISA Coordinator", "options": [{"exploitation": "none"}, {"automatable": "yes"}, {"technicalImpact": "partial"}], "version": "2.0.3", "timestamp": "2024-08-20T14:08:10.286200Z"}}], "cvssMetricV31": [{"type": "Secondary", "source": "cybersecurity@se.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "affected": [{"source": "cybersecurity@se.com", "affectedData": [{"vendor": "Schneider Electric", "product": "Accutech Manager", "versions": [{"status": "affected", "version": "Versions 2.8.0.0 and prior"}], "defaultStatus": "unaffected"}]}, {"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "affectedData": [{"cpes": ["cpe:2.3:a:schneider-electric:accutech_manager:*:*:*:*:*:*:*:*"], "vendor": "schneider-electric", "product": "accutech_manager", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "2.8.0.0"}], "defaultStatus": "unaffected"}]}], "published": "2024-08-20T13:15:09.450", "references": [{"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-226-01&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2024-226-01.pdf", "source": "cybersecurity@se.com"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Secondary", "source": "cybersecurity@se.com", "description": [{"lang": "en", "value": "CWE-120"}]}], "descriptions": [{"lang": "en", "value": "CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability\nexists that could cause a crash of the Accutech Manager when receiving a specially crafted\nrequest over port 2536/TCP."}, {"lang": "es", "value": "CWE-120: Existe una vulnerabilidad de copia del b\u00fafer sin verificar el tama\u00f1o de la entrada ('Desbordamiento del b\u00fafer cl\u00e1sico') que podr\u00eda provocar un bloqueo de Accutech Manager al recibir una solicitud especialmente manipulada a trav\u00e9s del puerto 2536/TCP."}], "lastModified": "2026-06-17T08:18:58.607", "sourceIdentifier": "cybersecurity@se.com"}