CVE-2024-25137

Claroty Security Advisory

CWE-121: Stack-based Buffer Overflow

In Automation-Direct C-MORE EA9 HMI there is a program that copies a buffer of a size controlled by the user into a limited sized buffer on the stack which leads to a stack overflow. The result of this stack-based buffer overflow will lead to a denial-of-service conditions.

AutomationDirect recommends that users update C-MORE EA9 HMI to V6.78

Affected versions:

  • C-MORE EA9 HMI EA9-T6CL: Version 6.77 and prior
  • C-MORE EA9 HMI EA9-T7CL: Version 6.77 and prior
  • C-MORE EA9 HMI EA0-T7CL-R: Version 6.77 and prior
  • C-MORE EA9 HMI EA9-T8CL: Version 6.77 and prior
  • C-MORE EA9 HMI EA9-T10CL: Version 6.77 and prior
  • C-MORE EA9 HMI EA9-T10WCL: Version 6.77 and prior
  • C-MORE EA9 HMI EA9-T12CL: Version 6.77 and prior
  • C-MORE EA9 HMI EA9-T15CL: Version 6.77 and prior
  • C-MORE EA9 HMI EA9-T15CL-R: Version 6.77 and prior
  • C-MORE EA9 HMI EA9-RHMI: Version 6.77 and prior
  • C-MORE EA9 HMI EA9-PGMSW: Version 6.77 and prior

READ MORE