CVE-2024-52296

MEDIUM EPSS 25.2%
Published Nov 12, 20241y ago · Modified Jun 17, 20262w ago
6.5 CVSS 3.1
Medium
Find Similar
Published Nov 12, 2024 1y ago
Last Modified Jun 17, 2026 2w ago

Description

libosdp is an implementation of IEC 60839-11-5 OSDP (Open Supervised Device Protocol) and provides a C library with support for C++, Rust and Python3. At ospd_common.c, on the osdp_reply_name function, any reply id between REPLY_ACK and REPLY_XRD is valid, but names array do not declare all of the range. On a case of an undefined reply id within the range, name will be null (name = names[reply_id - REPLY_ACK];). Null name will casue a crash on next line: if (name[0] == '\0') as null[0] is invalid. As this logic is not limited to a secure connection, attacker may trigger this vulnerability without any prior knowledge. This issue is fixed in 2.4.0.

CVSS Details

Base Score
6.5
Exploitability
2.8
Impact
3.6
Vector string
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector Adjacent
Attack Complexity Low
Privileges Required None
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
25.2% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

Weaknesses 1

CWE-476 NULL Pointer Dereference Memory Safety

References 2

  • github.com https://github.com/goToMain/libosdp/commit/24409e98a260176765956ec766a04cb35984fab1
  • github.com https://github.com/goToMain/libosdp/security/advisories/GHSA-7945-5mcv-f2pp

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.