CVE-2024-21785

Name of the Vulnerable Software and Affected Versions AutomationDirect P3-550E version 1.2.10.9

Description The issue is related to insufficient protection of service data in the implementation of debug code, which can be exploited by a remote attacker to execute arbitrary code or cause a denial of service. A leftover debug code vulnerability exists in the Telnet Diagnostic Interface functionality, allowing unauthorized access through a specially crafted series of network requests.

Recommendations For AutomationDirect P3-550E version 1.2.10.9, consider disabling the Telnet Diagnostic Interface functionality as a temporary workaround until a patch is available. Restrict access to the diagnostic interface to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.