CVE-2024-24782

An unauthenticated attacker can send a ping request from one network to another through an error in the origin verification even though the ports are separated by VLAN.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.3 MEDIUM
ADJACENT_NETWORK
LOW
NONE
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CERTVDECNA
4.3 MEDIUM
ADJACENT_NETWORK
LOW
NONE
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CVEADP
---
---
CISA-ADPADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 5%
VendorProductVersion
himaf30_03x_yy_\(com\)_firmware
𝑥
≤ 24.14
himaf30_03x_yy_\(cpu\)_firmware
𝑥
≤ 18.6
himaf35_03x_yy_\(com\)_firmware
𝑥
≤ 24.14
himaf35_03x_yy_\(cpu\)_firmware
𝑥
≤ 18.6
himaf60_cpu_03x_yy_\(com\)_firmware
𝑥
≤ 24.14
himaf60_cpu_03x_yy_\(cpu\)_firmware
𝑥
≤ 18.6
himaf-com_01_firmware
𝑥
≤ 14.12
himaf-cpu_01_firmware
𝑥
≤ 14.16
himax-com_01_e_yy_firmware
𝑥
≤ 15.14
himax-com_01_yy_firmware
𝑥
≤ 14.12
himax-cpu_01_firmware
𝑥
≤ 14.16
himax-cpu_31_firmware
𝑥
≤ 14.16
himax-sb_01_firmware
𝑥
≤ 7.54
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://cert.vde.com/en/advisories/VDE-2024-013
https://cert.vde.com/en/advisories/VDE-2024-013