CVE-2024-39840

HIGH

Factorio < 1.1.101 - Remote Code Execution via Lua Bytecode in Custom Map

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2024-39840. PoCs published by writegsqword.

AI-analyzed exploit summary This repository contains a functional exploit PoC for CVE-2024-39840, leveraging memory corruption in Lua to achieve arbitrary read/write primitives and ultimately execute shell commands. The exploit uses double-to-integer conversion and fake object manipulation to bypass memory protections.

Description

Factorio before 1.1.101 allows a crafted server to execute arbitrary code on clients via a custom map that leverages the ability of certain Lua base module functions to execute bytecode and generate fake objects.

Exploits (1)

nomisec WORKING POC
by writegsqword · poc
https://github.com/writegsqword/CVE-2024-39840-POC

This repository contains a functional exploit PoC for CVE-2024-39840, leveraging memory corruption in Lua to achieve arbitrary read/write primitives and ultimately execute shell commands. The exploit uses double-to-integer conversion and fake object manipulation to bypass memory protections.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Complex
Reliability
Reliable
Target: Lua (specific version not explicitly stated)
No auth needed
Prerequisites: Vulnerable Lua environment · Ability to execute arbitrary Lua code
devstral-2 · analyzed Feb 19, 2026 Full analysis →

References (2)

Core 2

Scores

CVSS v3 8.8
EPSS 0.0064
EPSS Percentile 46.1%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact total

Details

CWE
CWE-787
Status published
Published Jun 29, 2024
Tracked Since Feb 18, 2026