CVE-2024-4640

HIGH

Moxa OnCell G3470A-LTE Series Firmware < 1.7.7 - Buffer Overflow via Missing Bounds Check

Title source: llm
STIX 2.1

Description

OnCell G3470A-LTE Series firmware versions v1.7.7 and prior have been identified as vulnerable due to missing bounds checking on buffer operations. An attacker could write past the boundaries of allocated buffer regions in memory, causing a program crash.

Scores

CVSS v3 7.1
EPSS 0.0039
EPSS Percentile 31.4%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-120
Status published
Products (4)
moxa/oncell_g3470a-lte-eu-t_firmware < 1.7.7
moxa/oncell_g3470a-lte-eu_firmware < 1.7.7
moxa/oncell_g3470a-lte-us-t_firmware < 1.7.7
moxa/oncell_g3470a-lte-us_firmware < 1.7.7
Published Jun 25, 2024
Tracked Since Feb 18, 2026