CVE-2024-12650

MEDIUM

Product - Memory Corruption

Title source: llm

Description

An attacker with low privileges can manipulate the requested memory size, causing the application to use an invalid memory area. This could lead to a crash of the application but it does not affected other applications.

References (1)

[Various Sources] https://cert.vde.com/en/advisories/VDE-2025-004

Scores

CVSS v3 5.4

EPSS 0.0019

EPSS Percentile 40.1%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-252

Status published

Products (14)

WAGO/CC100 0751-9x01 < 04.07.01

WAGO/Edge Controller 0752-8303/8000-0002 < 04.07.01

WAGO/PFC100 G1 0750-810x/xxxx-xxxx < 04.07.01

WAGO/PFC100 G1 0750-810x/xxxx-xxxx < 3.10.11

WAGO/PFC100 G2 0750-811x-xxxx-xxxx < 04.07.01

WAGO/PFC200 G1 750-820x-xxx-xxx < 04.07.01

WAGO/PFC200 G1 750-820x-xxx-xxx < 3.10.11

WAGO/PFC200 G2 750-821x-xxx-xxx < 04.07.01

WAGO/TP600 0762-420x/8000-000x < 04.07.01

WAGO/TP600 0762-430x/8000-000x < 04.07.01

... and 4 more

Published Mar 05, 2025

Tracked Since Feb 18, 2026