CVE-2024-25087

5.5 MEDIUM

📋 TL;DR

A local Denial of Service vulnerability in Jungo WinDriver allows attackers with local access to cause a Windows blue screen error (BSOD), crashing the system. This affects Windows systems running WinDriver versions before 12.7.0. The vulnerability requires local access to exploit.

💻 Affected Systems

Products:
  • Jungo WinDriver
Versions: All versions before 12.7.0
Operating Systems: Windows
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects Windows systems where WinDriver is installed and running. Requires local access to the system.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete system crash requiring physical or remote console access to reboot, potentially disrupting critical operations and causing data loss from unsaved work.

🟠 Likely Case

Temporary system unavailability requiring reboot, disrupting user productivity and potentially affecting services running on the affected system.

🟢 If Mitigated

Minimal impact if proper access controls prevent unauthorized local access and systems are regularly backed up.

🌐 Internet-Facing: LOW - Requires local access, cannot be exploited remotely over the network.
🏢 Internal Only: MEDIUM - Malicious insiders or compromised accounts with local access could disrupt systems, but requires specific conditions.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires local access to the system. No public exploit code has been identified, but the vulnerability is straightforward to trigger based on the description.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 12.7.0

Vendor Advisory: https://jungo.com/windriver/versions/

Restart Required: Yes

Instructions:

1. Download WinDriver 12.7.0 or later from Jungo's website.
2. Uninstall the current vulnerable version.
3. Install the updated version.
4. Reboot the system to complete the installation.

🔧 Temporary Workarounds

Restrict Local Access

Limit local login access to only authorized administrators to reduce attack surface.

Disable Unused WinDriver Services

If WinDriver functionality is not required, disable or remove the software entirely.

🧯 If You Can't Patch

  • Implement strict access controls to limit local system access to trusted users only.
  • Monitor system logs for unauthorized access attempts and unexpected system crashes.

🔍 How to Verify

Check if Vulnerable:

Check WinDriver version in Control Panel > Programs and Features or by running the WinDriver configuration utility.

Check Version:

No single command; check via Windows GUI or WinDriver's own utilities.

Verify Fix Applied:

Verify installed WinDriver version is 12.7.0 or higher using the same methods.

📡 Detection & Monitoring

Log Indicators:

  • Windows Event Logs showing SYSTEM crashes (Event ID 41)
  • Unexpected system reboots
  • WinDriver service failures

Network Indicators:

  • None - this is a local vulnerability

SIEM Query:

EventID=41 AND Source="Microsoft-Windows-Kernel-Power" | search "BugCheckCode" OR "blue screen"
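
As an added example (not part of the original entry), the filter below applies the Event ID 41 indicator to System-log events in Windows event XML form and keeps only reboots with a non-zero BugcheckCode, since a value of 0 points to power loss or a hard reset rather than a stop error. The sample events, host names and bugcheck value are constructed and are not specific to this CVE.

```python
import xml.etree.ElementTree as ET

NS = {"e": "http://schemas.microsoft.com/win/2004/08/events/event"}
EVT = '<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">'

# Constructed sample events (hosts, times and bugcheck value are made up).
SAMPLE_XML = f"""<Events>
{EVT}<System><Provider Name="Microsoft-Windows-Kernel-Power"/><EventID>41</EventID>
 <TimeCreated SystemTime="2024-03-01T10:15:00Z"/><Computer>HOST-A</Computer></System>
 <EventData><Data Name="BugcheckCode">209</Data></EventData></Event>
{EVT}<System><Provider Name="Microsoft-Windows-Kernel-Power"/><EventID>41</EventID>
 <TimeCreated SystemTime="2024-03-02T08:00:00Z"/><Computer>HOST-B</Computer></System>
 <EventData><Data Name="BugcheckCode">0</Data></EventData></Event>
{EVT}<System><Provider Name="Microsoft-Windows-Kernel-General"/><EventID>12</EventID>
 <TimeCreated SystemTime="2024-03-02T08:01:00Z"/><Computer>HOST-B</Computer></System>
 <EventData/></Event>
</Events>"""


def find_bugcheck_reboots(xml_text):
    """Return Kernel-Power Event ID 41 records whose BugcheckCode is non-zero."""
    hits = []
    for ev in ET.fromstring(xml_text).iterfind("e:Event", NS):
        system = ev.find("e:System", NS)
        provider = system.find("e:Provider", NS).get("Name")
        event_id = (system.findtext("e:EventID", namespaces=NS) or "").strip()
        if provider != "Microsoft-Windows-Kernel-Power" or event_id != "41":
            continue
        data = {d.get("Name"): (d.text or "").strip()
                for d in ev.iterfind("e:EventData/e:Data", NS)}
        # The event stores the stop code in decimal; 0 means no bugcheck.
        code = int(data.get("BugcheckCode") or 0)
        if code == 0:
            continue
        hits.append({
            "host": system.findtext("e:Computer", namespaces=NS),
            "time": system.find("e:TimeCreated", NS).get("SystemTime"),
            "bugcheck": f"0x{code:08X}",
        })
    return hits


if __name__ == "__main__":
    for hit in find_bugcheck_reboots(SAMPLE_XML):
        print(hit)
```

Hosts flagged here still need their installed WinDriver version checked against 12.7.0 before a crash is attributed to this issue.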
