Cyber Posture

CVE-2024-50954

High

Published: 15 January 2025
Modified: 15 April 2026
KEV Added:
Patch:
CVSS Score: 7.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
EPSS Score: 0.0031 (54.4th percentile)
Risk Priority: 15 (60% EPSS · 20% KEV · 20% CVSS)

Description

The XINJE XL5E-16T and XD5E-24R-E programmable logic controllers V3.5.3b-V3.7.2a have a vulnerability in handling Modbus messages. When a TCP connection is established with the above series of controllers within a local area network (LAN), sending a specific Modbus message to the controller can cause the PLC to crash, interrupting the normal operation of the programs running in the PLC. This results in the ERR indicator light turning on and the RUN indicator light turning off.

Security Summary

CVE-2024-50954 is a vulnerability in the Modbus message handling of XINJE XL5E-16T and XD5E-24R-E programmable logic controllers (PLCs) running firmware versions V3.5.3b through V3.7.2a. When a TCP connection is established with these controllers over a local area network (LAN), a specific Modbus message is not handled correctly by the controller (CWE-703, improper check or handling of exceptional conditions), causing the PLC to crash. This interrupts normal program operation, turns the ERR indicator light on, and turns the RUN indicator light off. The vulnerability has a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).

Any unauthenticated attacker with network access to the affected PLC can exploit this issue by establishing a TCP connection and transmitting the crafted Modbus message. Exploitation requires low complexity and no privileges, enabling remote denial-of-service (DoS) attacks that halt PLC functionality and disrupt connected industrial processes.

Further technical details, including reproduction steps for the vulnerability, are documented in the advisory at https://github.com/Curator-Kim/Vulnerability-mining/blob/master/XINJE%20XL5E-16T%20XD5E-24R%20Modbus/XINJE%20XL5E-16T%20XD5E-24R%20Modbus.md. No patch or mitigation guidance is specified in available sources.

Details

CWE(s)
CWE-703

References