CVE-2024-22103

5.5 MEDIUM

📋 TL;DR

An out-of-bounds write vulnerability in Jungo WinDriver allows local attackers to trigger a Windows blue screen error, causing denial of service. This affects systems running vulnerable versions of WinDriver, primarily impacting industrial control systems and embedded Windows environments where this driver development toolkit is used.

💻 Affected Systems

Products:
  • Jungo WinDriver
Versions: All versions before 12.6.0
Operating Systems: Windows
Default Config Vulnerable: ⚠️ Yes
Notes: Primarily affects industrial control systems and embedded Windows devices using WinDriver for hardware interfacing.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete system crash requiring physical reboot, potentially disrupting critical industrial processes or embedded systems.

🟠 Likely Case

Local denial of service through system crash, requiring reboot to restore functionality.

🟢 If Mitigated

Minimal impact with proper access controls preventing local execution by unauthorized users.

🌐 Internet-Facing: LOW - This is a local vulnerability; exploitation requires local access to the system.
🏢 Internal Only: MEDIUM - Internal users with local access could cause system crashes, but doing so requires specific conditions and access.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires local access and specific conditions to trigger the out-of-bounds write.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 12.6.0 and later

Vendor Advisory: https://jungo.com/windriver/versions/

Restart Required: Yes

Instructions:

1. Download WinDriver 12.6.0 or later from the Jungo website.
2. Uninstall the current WinDriver version.
3. Install the updated version.
4. Reboot the system.

🔧 Temporary Workarounds

Restrict Local Access

Limit local user access to systems running vulnerable WinDriver versions

🧯 If You Can't Patch

  • Implement strict access controls to prevent unauthorized local access
  • Isolate affected systems from general user networks

🔍 How to Verify

Check if Vulnerable:

Check WinDriver version in Control Panel > Programs and Features or via vendor tools

Check Version:

Check vendor documentation for specific version checking tools

Verify Fix Applied:

Confirm WinDriver version is 12.6.0 or higher after update

📡 Detection & Monitoring

Log Indicators:

  • Windows blue screen events
  • System crash logs
  • Unexpected system reboots

Network Indicators:

  • None - local exploit only

SIEM Query:

EventID=41 OR EventID=1001 (Windows crash events) on systems with WinDriver
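
One way to script the version check and the crash-event lookup described above, as an added PowerShell example that is not vendor tooling or part of the original advisory. It assumes WinDriver is listed under the standard Uninstall registry keys with "WinDriver" in its display name; the function names are hypothetical.

```powershell
# Added example, not vendor tooling. Assumption: the toolkit registers an
# uninstall entry whose DisplayName contains "WinDriver".
$uninstallKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
)

function Get-WinDriverStatus {
    param([string]$DisplayVersion)
    $v = $null
    # Missing or non-numeric versions cannot be judged; report them for review.
    if (-not [version]::TryParse($DisplayVersion, [ref]$v)) { return 'Unknown' }
    # Compare major.minor only: [version]'12.6' sorts below [version]'12.6.0',
    # so a direct -lt against 12.6.0 would flag a fixed two-part version.
    if ($v.Major -lt 12 -or ($v.Major -eq 12 -and $v.Minor -lt 6)) { return 'Vulnerable' }
    return 'Fixed'
}

function Get-WinDriverInstall {
    Get-ItemProperty -Path $uninstallKeys -ErrorAction SilentlyContinue |
        Where-Object { $_.DisplayName -like '*WinDriver*' } |
        ForEach-Object {
            [pscustomobject]@{
                Name    = $_.DisplayName
                Version = $_.DisplayVersion
                Status  = Get-WinDriverStatus -DisplayVersion ([string]$_.DisplayVersion)
            }
        }
}

function Get-CrashEvent {
    param([int]$Days = 30)
    # IDs 41 and 1001 come from the SIEM query above; the System log records
    # Kernel-Power 41 (unclean restart) and BugCheck 1001 there.
    Get-WinEvent -FilterHashtable @{
        LogName = 'System'; Id = 41, 1001; StartTime = (Get-Date).AddDays(-$Days)
    } -ErrorAction SilentlyContinue |
        Select-Object TimeCreated, Id, ProviderName
}

$installs = @(Get-WinDriverInstall)
$installs | Format-Table -AutoSize
# Crash events only matter for triage on hosts that are not confirmed fixed.
if ($installs | Where-Object { $_.Status -ne 'Fixed' }) {
    Get-CrashEvent -Days 30 | Format-Table -AutoSize
}
```

A host with no matching uninstall entry produces no output, which does not prove the driver is absent; confirm with vendor tools as noted under Check Version.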
