CVE-2024-0581 - Vulnerability Details - OpenCVE

An Uncontrolled Resource Consumption vulnerability has been found on Sandsprite Scdbg.exe, affecting version 1.0. This vulnerability allows an attacker to send a specially crafted shellcode payload to the '/foff' parameter and cause an application shutdown. A malware program could use this shellcode sequence to shut down the application and evade the scan.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact Low

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00059.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Sandsprite	Scdbg

Configuration 1 [-]

cpe:2.3:a:sandsprite:scdbg:1.0:*:*:*:*:*:*:*

No data.

No data.

Fixes

Solution

The reported vulnerability has been fixed. It is recommended to upgrade to the latest software version of the affected product.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://www.incibe.es/en/incibe-cert/notices/aviso/uncontrolled-resource-consumption-vulnerability-sandsprite-scdbg

History

Mon, 02 Jun 2025 20:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: INCIBE

Published: 2024-01-16T13:14:27.788Z

Updated: 2025-06-02T15:11:20.344Z

Reserved: 2024-01-16T08:06:36.621Z

Link: CVE-2024-0581

Vulnrichment

Updated: 2024-08-01T18:11:35.426Z

NVD

Status : Modified

Published: 2024-01-16T14:15:49.450

Modified: 2024-11-21T08:46:56.580

Link: CVE-2024-0581

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-0581", "assignerOrgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516", "state": "PUBLISHED", "assignerShortName": "INCIBE", "dateReserved": "2024-01-16T08:06:36.621Z", "datePublished": "2024-01-16T13:14:27.788Z", "dateUpdated": "2025-06-02T15:11:20.344Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Scdbg", "vendor": "Sandsprite", "versions": [{"status": "affected", "version": "1.0"}]}], "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Rafael Pedrero"}], "datePublic": "2024-01-16T13:05:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "An Uncontrolled Resource Consumption vulnerability has been found on Sandsprite Scdbg.exe, affecting version 1.0. This vulnerability allows an attacker to send a specially crafted shellcode payload to the '/foff' parameter and cause an application shutdown. A malware program could use this shellcode sequence to shut down the application and evade the scan."}], "value": "An Uncontrolled Resource Consumption vulnerability has been found on Sandsprite Scdbg.exe, affecting version 1.0. This vulnerability allows an attacker to send a specially crafted shellcode payload to the '/foff' parameter and cause an application shutdown. A malware program could use this shellcode sequence to shut down the application and evade the scan."}], "impacts": [{"capecId": "CAPEC-147", "descriptions": [{"lang": "en", "value": "CAPEC-147 XML Ping of the Death"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-400", "description": "CWE-400 Uncontrolled Resource Consumption", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516", "shortName": "INCIBE", "dateUpdated": "2024-01-16T13:35:39.986Z"}, "references": [{"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/uncontrolled-resource-consumption-vulnerability-sandsprite-scdbg"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "The reported vulnerability has been fixed. It is recommended to upgrade to the latest software version of the affected product."}], "value": "The reported vulnerability has been fixed. It is recommended to upgrade to the latest software version of the affected product."}], "source": {"discovery": "EXTERNAL"}, "title": "Uncontrolled Resource Consumption vulnerability on Sandsprite scdbg", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T18:11:35.426Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/uncontrolled-resource-consumption-vulnerability-sandsprite-scdbg", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-05-08T15:54:45.674386Z", "id": "CVE-2024-0581", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-06-02T15:11:20.344Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/uncontrolled-resource-consumption-vulnerability-sandsprite-scdbg", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T18:11:35.426Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-0581", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-05-08T15:54:45.674386Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-05-08T15:54:47.121Z"}}], "cna": {"title": "Uncontrolled Resource Consumption vulnerability on Sandsprite scdbg", "source": {"discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Rafael Pedrero"}], "impacts": [{"capecId": "CAPEC-147", "descriptions": [{"lang": "en", "value": "CAPEC-147 XML Ping of the Death"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Sandsprite", "product": "Scdbg", "versions": [{"status": "affected", "version": "1.0"}], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "The reported vulnerability has been fixed. It is recommended to upgrade to the latest software version of the affected product.", "supportingMedia": [{"type": "text/html", "value": "The reported vulnerability has been fixed. It is recommended to upgrade to the latest software version of the affected product.", "base64": false}]}], "datePublic": "2024-01-16T13:05:00.000Z", "references": [{"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/uncontrolled-resource-consumption-vulnerability-sandsprite-scdbg"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "An Uncontrolled Resource Consumption vulnerability has been found on Sandsprite Scdbg.exe, affecting version 1.0. This vulnerability allows an attacker to send a specially crafted shellcode payload to the '/foff' parameter and cause an application shutdown. A malware program could use this shellcode sequence to shut down the application and evade the scan.", "supportingMedia": [{"type": "text/html", "value": "An Uncontrolled Resource Consumption vulnerability has been found on Sandsprite Scdbg.exe, affecting version 1.0. This vulnerability allows an attacker to send a specially crafted shellcode payload to the '/foff' parameter and cause an application shutdown. A malware program could use this shellcode sequence to shut down the application and evade the scan.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-400", "description": "CWE-400 Uncontrolled Resource Consumption"}]}], "providerMetadata": {"orgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516", "shortName": "INCIBE", "dateUpdated": "2024-01-16T13:35:39.986Z"}}}, "cveMetadata": {"cveId": "CVE-2024-0581", "state": "PUBLISHED", "dateUpdated": "2025-06-02T15:11:20.344Z", "dateReserved": "2024-01-16T08:06:36.621Z", "assignerOrgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516", "datePublished": "2024-01-16T13:14:27.788Z", "assignerShortName": "INCIBE"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:sandsprite:scdbg:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "9786FCFF-377D-49EF-8799-10AEDF01800F", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "An Uncontrolled Resource Consumption vulnerability has been found on Sandsprite Scdbg.exe, affecting version 1.0. This vulnerability allows an attacker to send a specially crafted shellcode payload to the '/foff' parameter and cause an application shutdown. A malware program could use this shellcode sequence to shut down the application and evade the scan."}, {"lang": "es", "value": "Se ha encontrado una vulnerabilidad de consumo de recursos incontrolado en Sandsprite Scdbg.exe, que afecta a la versi\u00f3n 1.0. Esta vulnerabilidad permite a un atacante enviar un payload de shellcode especialmente manipulado al par\u00e1metro '/foff' y provocar el cierre de la aplicaci\u00f3n. Un programa de malware podr\u00eda utilizar esta secuencia de shellcode para cerrar la aplicaci\u00f3n y evadir el an\u00e1lisis."}], "id": "CVE-2024-0581", "lastModified": "2024-11-21T08:46:56.580", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 4.0, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1"}, "exploitabilityScore": 2.5, "impactScore": 1.4, "source": "cve-coordination@incibe.es", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-01-16T14:15:49.450", "references": [{"source": "cve-coordination@incibe.es", "tags": ["Third Party Advisory"], "url": "https://www.incibe.es/en/incibe-cert/notices/aviso/uncontrolled-resource-consumption-vulnerability-sandsprite-scdbg"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://www.incibe.es/en/incibe-cert/notices/aviso/uncontrolled-resource-consumption-vulnerability-sandsprite-scdbg"}], "sourceIdentifier": "cve-coordination@incibe.es", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-400"}], "source": "cve-coordination@incibe.es", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-400"}], "source": "nvd@nist.gov", "type": "Primary"}]}