CVE-2024-10498 — MEDIUM (6.5)

Vulnerability Description

CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could allow an unauthorized attacker to modify configuration values outside of the normal range when the attacker sends specific Modbus write packets to the device which could result in invalid data or loss of web interface functionality.

CVSS Score

6.5

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

LOW

Availability

LOW

Related Weaknesses (CWE)

CWE-119

References

https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2025-014-08&p_enDoc

FAQ

What is CVE-2024-10498?

CVE-2024-10498 is a vulnerability with a CVSS score of 6.5 (MEDIUM). CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could allow an unauthorized attacker to modify configuration values outside of the normal ran...

How severe is CVE-2024-10498?

CVE-2024-10498 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2024-10498?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.