What is the CVSS score of CVE-2024-45064?

CVE-2024-45064 has a CVSS 3.1 base score of 8.5 (High). CVSS vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H. EPSS exploitation probability: 0.7%.

Which versions of X Cube Azrt H7Rs are affected by CVE-2024-45064?

CVE-2024-45064 presents significant security risk, a buffer overflow vulnerability rated CVSS 8.5.

Is there a public PoC exploit available for CVE-2024-45064?

Yes, a public proof-of-concept exploit is available for CVE-2024-45064. Prioritise patching immediately. EPSS: 0.7%.

How to fix or mitigate CVE-2024-45064?

Within 7 days: Identify all affected systems and apply vendor patches promptly. Monitor vendor channels for patch availability.

X Cube Azrt H7Rs CVE-2024-45064

HIGH

Buffer Overflow (CWE-119)

2025-04-02 talos-cna@cisco.com

Buffer Overflow RCE X Cube Azrt H7Rs X Cube Azrtos F4 X Cube Azrtos F7 X Cube Azrtos G0 X Cube Azrtos G4 X Cube Azrtos H7 X Cube Azrtos L4 X Cube Azrtos L5 X Cube Azrtos Wb X Cube Azrtos Wl

8.5

CVSS 3.1 · NVD

Severity by source

NVD PRIMARY

8.5 HIGH

AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

High

Privileges Required

Low

User Interaction

None

Scope

Changed

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Analysis Generated

Mar 28, 2026 - 18:34 vuln.today

PoC Detected

Sep 05, 2025 - 17:11 vuln.today

Public exploit code

CVE Published

Apr 02, 2025 - 14:15 nvd

HIGH 8.5

DescriptionCVE.org

A buffer overflow vulnerability exists in the FileX Internal RAM interface functionality of STMicroelectronics X-CUBE-AZRTOS-WL 2.0.0. A specially crafted set of network packets can lead to code execution. An attacker can send a sequence of requests to trigger this vulnerability.

AnalysisAI

A buffer overflow vulnerability exists in the FileX Internal RAM interface functionality of STMicroelectronics X-CUBE-AZRTOS-WL 2.0.0. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Technical ContextAI

This vulnerability is classified as Buffer Overflow (CWE-119), which allows attackers to corrupt memory to execute arbitrary code or crash the application. A buffer overflow vulnerability exists in the FileX Internal RAM interface functionality of STMicroelectronics X-CUBE-AZRTOS-WL 2.0.0. A specially crafted set of network packets can lead to code execution. An attacker can send a sequence of requests to trigger this vulnerability. Affected products include: St X-Cube-Azrt-H7Rs, St X-Cube-Azrtos-F4, St X-Cube-Azrtos-F7, St X-Cube-Azrtos-G0, St X-Cube-Azrtos-G4.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Use memory-safe languages or bounds-checking. Enable ASLR, DEP/NX, stack canaries. Use safe string functions.

CVE-2024-45064 vulnerability details – vuln.today

Back

X Cube Azrt H7Rs CVE-2024-45064

Severity by source

CVSS VectorNVD

Lifecycle Timeline

DescriptionCVE.org

AnalysisAI

Technical ContextAI

RemediationAI

Share

External POC / Exploit Code