CVE-2024-31484 Information

Description

A vulnerability has been identified in CPC80 Central Processing/Communication (All versions < V16.41) CPCI85 Central Processing/Communication (All versions < V5.30). The affected device firmwares contain an improper null termination vulnerability while parsing a specific HTTP header. This could allow an attacker to execute code in the context of the current process or lead to denial of service condition.

Reference

https://cert-portal.siemens.com/productcert/html/ssa-871704.html