PT-2024-17695 · Fabulatech · Fabulatech Usb Over Network
Topgun
·
Published
2024-12-16
·
Updated
2024-12-19
·
CVE-2024-12655
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
FabulaTech USB over Network version 6.0.6.1
Description
A problematic issue has been found in the function
0x220420 of the ftusbbus2.sys library in the IOCT Handler component. This issue leads to a null pointer dereference. The attack can be launched on the local host. The exploit has been disclosed to the public and may be used. The vendor was contacted about this disclosure but did not respond.Recommendations
For FabulaTech USB over Network version 6.0.6.1, as a temporary workaround, consider disabling the function
0x220420 in the ftusbbus2.sys library until a patch is available.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.Exploit
Improper Resource Release
NULL Pointer Dereference
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Fabulatech Usb Over Network