Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-36468

The reported vulnerability is a stack buffer overflow in the zbx_snmp_cache_handle_engineid function within the Zabbix server/proxy code. This issue occurs when copying data from session->securityEngineID to local_record.engineid without proper bounds checking.

Published

2024-11-27T12:15:20.383

Last Modified

2025-10-08T16:22:08.123

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 3.0 (LOW)

Weaknesses

Type: Secondary
CWE-121

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	zabbix	zabbix	< 7.0.3	Yes

References

https://support.zabbix.com/browse/ZBX-25621 Vendor Advisory ([email protected])