Micron Crucial MX500 Series Solid State Drives M3CR046 is vulnerable to Buffer Overflow, which can be triggered by sending specially crafted ATA packets from the host to the drive controller.
History

Thu, 24 Oct 2024 18:00:00 +0000

Type Values Removed Values Added
Weaknesses CWE-121

Tue, 10 Sep 2024 14:15:00 +0000

Type Values Removed Values Added
First Time appeared Crucial
Crucial ct1000mx500ssd1
Crucial ct2000mx500ssd1
Crucial ct250mx500ssd1
Crucial ct4000mx500ssd1
Crucial ct500mx500ssd1
Crucial mx500 Firmware
Weaknesses CWE-787
CPEs cpe:2.3:h:crucial:ct1000mx500ssd1:-:*:*:*:*:*:*:*
cpe:2.3:h:crucial:ct2000mx500ssd1:-:*:*:*:*:*:*:*
cpe:2.3:h:crucial:ct250mx500ssd1:-:*:*:*:*:*:*:*
cpe:2.3:h:crucial:ct4000mx500ssd1:-:*:*:*:*:*:*:*
cpe:2.3:h:crucial:ct500mx500ssd1:-:*:*:*:*:*:*:*
cpe:2.3:o:crucial:mx500_firmware:m3cr046:*:*:*:*:*:*:*
Vendors & Products Crucial
Crucial ct1000mx500ssd1
Crucial ct2000mx500ssd1
Crucial ct250mx500ssd1
Crucial ct4000mx500ssd1
Crucial ct500mx500ssd1
Crucial mx500 Firmware

Thu, 05 Sep 2024 15:30:00 +0000

Type Values Removed Values Added
First Time appeared Micron
Micron crucial Mx500
Weaknesses CWE-121
CPEs cpe:2.3:h:micron:crucial_mx500:*:*:*:*:*:*:*:*
Vendors & Products Micron
Micron crucial Mx500
Metrics cvssV3_1

{'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}

ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Wed, 04 Sep 2024 19:45:00 +0000

Type Values Removed Values Added
Description Micron Crucial MX500 Series Solid State Drives M3CR046 is vulnerable to Buffer Overflow, which can be triggered by sending specially crafted ATA packets from the host to the drive controller.
References

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2024-09-04T00:00:00

Updated: 2024-10-24T17:02:17.449Z

Reserved: 2024-08-05T00:00:00

Link: CVE-2024-42642

cve-icon Vulnrichment

Updated: 2024-09-05T14:35:56.394Z

cve-icon NVD

Status : Modified

Published: 2024-09-04T20:15:07.007

Modified: 2024-10-24T17:35:08.450

Link: CVE-2024-42642

cve-icon Redhat

No data.