CVE-2024-42650
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-07-15

Last updated on: 2025-07-17

Assigner: MITRE

Description
NanoMQ 0.17.5 was discovered to contain a segmentation fault via the component /nanomq/pub_handler.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted PUBLISH message.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-07-15
Last Modified
2025-07-17
Generated
2026-05-07
AI Q&A
2025-07-15
EPSS Evaluated
2026-05-05
NVD
CVE-2024-42650
EUVD
EUVD-2024-54787
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
emqx nanomq 0.17.5
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-NVD-CWE-noinfo
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability in NanoMQ 0.17.5 is a segmentation fault caused by improper handling in the /nanomq/pub_handler.c component. Specifically, it occurs when processing a crafted PUBLISH message, which can trigger a crash in the software. [1]


How can this vulnerability impact me? :

An attacker can exploit this vulnerability to cause a Denial of Service (DoS) by sending a specially crafted PUBLISH message, leading to a crash of the NanoMQ broker and disruption of its messaging services.


What immediate steps should I take to mitigate this vulnerability?

To mitigate this vulnerability, update NanoMQ to a version that includes the fix merged on April 18, 2023, which addresses the issue in the pub_handler.c component. Applying this patch will improve the robustness of the publication handling mechanism and prevent the Denial of Service caused by crafted PUBLISH messages. [1]


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart