CVE-2024-7490 (GCVE-0-2024-7490)
Vulnerability from cvelistv5 – Published: 2024-08-08 15:01 – Updated: 2025-08-29 20:23 Unsupported When Assigned
VLAI?
Title
Remote Code Execution in Advanced Software Framework DHCP server
Summary
Improper Input Validation vulnerability in Microchip Techology Advanced Software Framework example DHCP server can cause remote code execution through a buffer overflow.
This vulnerability is associated with program files tinydhcpserver.C and program routines lwip_dhcp_find_option.
This issue affects Advanced Software Framework: through 3.52.0.2574.
ASF is no longer being supported. Apply provided workaround or migrate to an actively maintained framework.
Severity ?
CWE
- CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Microchip Techology | Advanced Software Framework |
Affected:
0 , ≤ 3.52.0.2574
(semver)
|
Credits
element55
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:microchip:advanced_software_framework:*:*:*:*:*:*:*:*"
],
"defaultStatus": "affected",
"product": "advanced_software_framework",
"vendor": "microchip",
"versions": [
{
"lessThanOrEqual": "3.52.0.2574",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-7490",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-08T16:25:23.040865Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-08T16:30:11.768Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-09-19T13:06:47.103Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://www.kb.cert.org/vuls/id/138043"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://gallery.microchip.com/packages/4CE20911-D794-4550-8B94-6C66A93228B8/",
"defaultStatus": "affected",
"modules": [
"network"
],
"packageName": "lwip",
"product": "Advanced Software Framework",
"programFiles": [
"tinydhcpserver.c"
],
"programRoutines": [
{
"name": "lwip_dhcp_find_option"
}
],
"repo": "https://savannah.nongnu.org/projects/lwip/",
"vendor": "Microchip Techology",
"versions": [
{
"lessThanOrEqual": "3.52.0.2574",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Use of the lwip stack embedded in ASF, and using the example DHCP server provided.\u003cbr\u003e"
}
],
"value": "Use of the lwip stack embedded in ASF, and using the example DHCP server provided."
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "element55"
}
],
"datePublic": "2024-08-05T07:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Input Validation vulnerability in Microchip Techology Advanced Software Framework example DHCP server can cause remote code execution through a buffer overflow.\u003cbr\u003e\u003cp\u003e This vulnerability is associated with program files \u003ctt\u003etinydhcpserver.C\u003c/tt\u003e and program routines \u003ctt\u003elwip_dhcp_find_option\u003c/tt\u003e.\u003c/p\u003e\u003cp\u003eThis issue affects Advanced Software Framework: through 3.52.0.2574.\u003c/p\u003e\u003cp\u003e\nASF is no longer being supported. Apply provided workaround or migrate to an actively maintained framework.\n\n\u003cbr\u003e\u003c/p\u003e"
}
],
"value": "Improper Input Validation vulnerability in Microchip Techology Advanced Software Framework example DHCP server can cause remote code execution through a buffer overflow.\n This vulnerability is associated with program files tinydhcpserver.C and program routines lwip_dhcp_find_option.\n\nThis issue affects Advanced Software Framework: through 3.52.0.2574.\n\n\nASF is no longer being supported. Apply provided workaround or migrate to an actively maintained framework."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 9.5,
"baseSeverity": "CRITICAL",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-29T20:23:53.142Z",
"orgId": "dc3f6da9-85b5-4a73-84a2-2ec90b40fca5",
"shortName": "Microchip"
},
"references": [
{
"tags": [
"product"
],
"url": "https://www.microchip.com/en-us/tools-resources/develop/libraries/advanced-software-framework"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "ASF is no longer being supported. Apply provided workaround or migrate to an actively maintained framework.\u003cbr\u003e"
}
],
"value": "ASF is no longer being supported. Apply provided workaround or migrate to an actively maintained framework."
}
],
"source": {
"advisory": "PSIRT-23",
"discovery": "EXTERNAL"
},
"tags": [
"unsupported-when-assigned"
],
"title": "Remote Code Execution in Advanced Software Framework DHCP server",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003e\nThe issue can be mitigated by adding a check to the size variable after the call [1] to pbuf_get_at on line 127 [1].\n If the size variable is not 4, then the function should cease \nprocessing and return. The lwip_dhcp_find_option function is only used \nto find this one option. \u003cbr\u003e\u003c/div\u003e\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e\n\u003cp\u003e [1] \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://github.com/alfred-ai/microchip-asf/blob/bf5205e36a265b867d531647ffbf2de5e287853a/thirdparty/lwip/lwip-tinyservices/tinydhcpserver.c#L127\"\u003ehttps://github.com/alfred-ai/microchip-asf/blob/bf5205e36a265b867d531647ffbf2de5e287853a/thirdparty/lwip/lwip-tinyservices/tinydhcpserver.c#L127\u003c/a\u003e\u003c/p\u003e\n\n\u003cbr\u003e"
}
],
"value": "The issue can be mitigated by adding a check to the size variable after the call [1] to pbuf_get_at on line 127 [1].\n If the size variable is not 4, then the function should cease \nprocessing and return. The lwip_dhcp_find_option function is only used \nto find this one option. \n\n\n\n\n\n\n [1] https://github.com/alfred-ai/microchip-asf/blob/bf5205e36a265b867d531647ffbf2de5e287853a/thirdparty/lwip/lwip-tinyservices/tinydhcpserver.c#L127"
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "dc3f6da9-85b5-4a73-84a2-2ec90b40fca5",
"assignerShortName": "Microchip",
"cveId": "CVE-2024-7490",
"datePublished": "2024-08-08T15:01:09.055Z",
"dateReserved": "2024-08-05T14:10:12.165Z",
"dateUpdated": "2025-08-29T20:23:53.142Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://www.kb.cert.org/vuls/id/138043\"}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-09-19T13:06:47.103Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-7490\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-08-08T16:25:23.040865Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:microchip:advanced_software_framework:*:*:*:*:*:*:*:*\"], \"vendor\": \"microchip\", \"product\": \"advanced_software_framework\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"3.52.0.2574\"}], \"defaultStatus\": \"affected\"}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-08-08T16:29:58.656Z\"}}], \"cna\": {\"tags\": [\"unsupported-when-assigned\"], \"title\": \"Remote Code Execution in Advanced Software Framework DHCP server\", \"source\": {\"advisory\": \"PSIRT-23\", \"discovery\": \"EXTERNAL\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"reporter\", \"value\": \"element55\"}], \"impacts\": [{\"capecId\": \"CAPEC-100\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"CAPEC-100 Overflow Buffers\"}]}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV4_0\": {\"Safety\": \"NOT_DEFINED\", \"version\": \"4.0\", \"Recovery\": \"NOT_DEFINED\", \"baseScore\": 9.5, \"Automatable\": \"NOT_DEFINED\", \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"valueDensity\": \"NOT_DEFINED\", \"vectorString\": \"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H\", \"providerUrgency\": \"NOT_DEFINED\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"PRESENT\", \"privilegesRequired\": \"NONE\", \"subIntegrityImpact\": \"HIGH\", \"vulnIntegrityImpact\": \"HIGH\", \"subAvailabilityImpact\": \"HIGH\", \"vulnAvailabilityImpact\": \"HIGH\", \"subConfidentialityImpact\": \"HIGH\", \"vulnConfidentialityImpact\": \"HIGH\", \"vulnerabilityResponseEffort\": \"NOT_DEFINED\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"repo\": \"https://savannah.nongnu.org/projects/lwip/\", \"vendor\": \"Microchip Techology\", \"modules\": [\"network\"], \"product\": \"Advanced Software Framework\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"3.52.0.2574\"}], \"packageName\": \"lwip\", \"programFiles\": [\"tinydhcpserver.c\"], \"collectionURL\": \"https://gallery.microchip.com/packages/4CE20911-D794-4550-8B94-6C66A93228B8/\", \"defaultStatus\": \"affected\", \"programRoutines\": [{\"name\": \"lwip_dhcp_find_option\"}]}], \"solutions\": [{\"lang\": \"en\", \"value\": \"ASF is no longer being supported. Apply provided workaround or migrate to an actively maintained framework.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"ASF is no longer being supported. Apply provided workaround or migrate to an actively maintained framework.\u003cbr\u003e\", \"base64\": false}]}], \"datePublic\": \"2024-08-05T07:00:00.000Z\", \"references\": [{\"url\": \"https://www.microchip.com/en-us/tools-resources/develop/libraries/advanced-software-framework\", \"tags\": [\"product\"]}], \"workarounds\": [{\"lang\": \"en\", \"value\": \"The issue can be mitigated by adding a check to the size variable after the call [1] to pbuf_get_at on line 127 [1].\\n If the size variable is not 4, then the function should cease \\nprocessing and return. The lwip_dhcp_find_option function is only used \\nto find this one option. \\n\\n\\n\\n\\n\\n\\n [1] https://github.com/alfred-ai/microchip-asf/blob/bf5205e36a265b867d531647ffbf2de5e287853a/thirdparty/lwip/lwip-tinyservices/tinydhcpserver.c#L127\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cdiv\u003e\\nThe issue can be mitigated by adding a check to the size variable after the call [1] to pbuf_get_at on line 127 [1].\\n If the size variable is not 4, then the function should cease \\nprocessing and return. The lwip_dhcp_find_option function is only used \\nto find this one option. \u003cbr\u003e\u003c/div\u003e\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e\\n\u003cp\u003e [1] \u003ca target=\\\"_blank\\\" rel=\\\"nofollow\\\" href=\\\"https://github.com/alfred-ai/microchip-asf/blob/bf5205e36a265b867d531647ffbf2de5e287853a/thirdparty/lwip/lwip-tinyservices/tinydhcpserver.c#L127\\\"\u003ehttps://github.com/alfred-ai/microchip-asf/blob/bf5205e36a265b867d531647ffbf2de5e287853a/thirdparty/lwip/lwip-tinyservices/tinydhcpserver.c#L127\u003c/a\u003e\u003c/p\u003e\\n\\n\u003cbr\u003e\", \"base64\": false}]}], \"x_generator\": {\"engine\": \"Vulnogram 0.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"Improper Input Validation vulnerability in Microchip Techology Advanced Software Framework example DHCP server can cause remote code execution through a buffer overflow.\\n This vulnerability is associated with program files tinydhcpserver.C and program routines lwip_dhcp_find_option.\\n\\nThis issue affects Advanced Software Framework: through 3.52.0.2574.\\n\\n\\nASF is no longer being supported. Apply provided workaround or migrate to an actively maintained framework.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Improper Input Validation vulnerability in Microchip Techology Advanced Software Framework example DHCP server can cause remote code execution through a buffer overflow.\u003cbr\u003e\u003cp\u003e This vulnerability is associated with program files \u003ctt\u003etinydhcpserver.C\u003c/tt\u003e and program routines \u003ctt\u003elwip_dhcp_find_option\u003c/tt\u003e.\u003c/p\u003e\u003cp\u003eThis issue affects Advanced Software Framework: through 3.52.0.2574.\u003c/p\u003e\u003cp\u003e\\nASF is no longer being supported. Apply provided workaround or migrate to an actively maintained framework.\\n\\n\u003cbr\u003e\u003c/p\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-120\", \"description\": \"CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)\"}]}], \"configurations\": [{\"lang\": \"en\", \"value\": \"Use of the lwip stack embedded in ASF, and using the example DHCP server provided.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Use of the lwip stack embedded in ASF, and using the example DHCP server provided.\u003cbr\u003e\", \"base64\": false}]}], \"providerMetadata\": {\"orgId\": \"dc3f6da9-85b5-4a73-84a2-2ec90b40fca5\", \"shortName\": \"Microchip\", \"dateUpdated\": \"2025-08-29T20:23:53.142Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2024-7490\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-08-29T20:23:53.142Z\", \"dateReserved\": \"2024-08-05T14:10:12.165Z\", \"assignerOrgId\": \"dc3f6da9-85b5-4a73-84a2-2ec90b40fca5\", \"datePublished\": \"2024-08-08T15:01:09.055Z\", \"assignerShortName\": \"Microchip\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…