CVE-2024-6199: Unauthenticated Remote Code Execution

7.7 CVSS

Description

An unauthenticated attacker on the WAN interface, with the ability to intercept Dynamic DNS (DDNS) traffic between DDNS services and the modem, could manipulate specific responses to include code that forces a buffer overflow on the modem.

Customers that have not enabled Dynamic DNS on their modem are not vulnerable.

Classification

CVE ID: CVE-2024-6199

CVSS Base Severity: HIGH

CVSS Base Score: 7.7

CVSS Vector: CVSS:4.0/AV:A/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/S:N/AU:N/R:U/V:D/RE:M/U:Red

Problem Types

CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

Affected Products

Vendor: ViaSat, Viasat

Product: RM5110, RM5111, RG1100, EG1000, EG1020

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.02% (probability of being exploited)

EPSS Percentile: 3.2% (share of scored vulnerabilities with an equal or lower EPSS score)

EPSS Date: 2025-05-24 (date on which this score was calculated)

References

https://nvd.nist.gov/vuln/detail/CVE-2024-6199
https://www.onekey.com/resource/security-advisory-rce-on-viasat-modems-cve-2024-6199
