{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-24465", "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "state": "PUBLISHED", "assignerShortName": "jpcert", "dateReserved": "2026-01-30T01:42:43.398Z", "datePublished": "2026-02-03T06:57:51.704Z", "dateUpdated": "2026-02-03T15:47:24.584Z"}, "containers": {"cna": {"affected": [{"vendor": "ELECOM CO.,LTD.", "product": "WAB-S733IW2-PD", "versions": [{"version": "v5.5.00 and earlier versions", "status": "affected"}]}, {"vendor": "ELECOM CO.,LTD.", "product": "WAB-S733IW-AC", "versions": [{"version": "v5.5.00 and earlier versions", "status": "affected"}]}, {"vendor": "ELECOM CO.,LTD.", "product": "WAB-S733IW-PD", "versions": [{"version": "all versions", "status": "affected"}]}, {"vendor": "ELECOM CO.,LTD.", "product": "WAB-S300IW2-PD", "versions": [{"version": "v5.5.00 and earlier versions", "status": "affected"}]}, {"vendor": "ELECOM CO.,LTD.", "product": "WAB-S300IW-AC", "versions": [{"version": "v5.5.00 and earlier versions", "status": "affected"}]}, {"vendor": "ELECOM CO.,LTD.", "product": "WAB-S300IW-PD", "versions": [{"version": "all versions", "status": "affected"}]}], "descriptions": [{"lang": "en", "value": "Stack-based buffer overflow vulnerability exists in ELECOM wireless LAN access point devices. A crafted packet may lead to arbitrary code execution."}], "problemTypes": [{"descriptions": [{"description": "Stack-based buffer overflow", "lang": "en-US", "cweId": "CWE-121", "type": "CWE"}]}], "references": [{"url": "https://www.elecom.co.jp/news/security/20260203-01/"}, {"url": "https://www.elecom.co.jp/news/security/20260203-02/"}, {"url": "https://jvn.jp/en/jp/JVN94012927/"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en-US", "value": "GENERAL"}], "cvssV3_0": {"version": "3.0", "baseSeverity": "CRITICAL", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}}, {"format": "CVSS", "scenarios": [{"lang": "en-US", "value": "GENERAL"}], "cvssV4_0": {"version": "4.0", "baseSeverity": "CRITICAL", "baseScore": 9.3, "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"}}], "providerMetadata": {"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "shortName": "jpcert", "dateUpdated": "2026-02-03T06:57:51.704Z"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-02-03T15:47:14.941854Z", "id": "CVE-2026-24465", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-03T15:47:24.584Z"}}]}}

{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-24465", "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "state": "PUBLISHED", "assignerShortName": "jpcert", "dateReserved": "2026-01-30T01:42:43.398Z", "datePublished": "2026-02-03T06:57:51.704Z", "dateUpdated": "2026-02-03T15:47:24.584Z"}, "containers": {"cna": {"affected": [{"vendor": "ELECOM CO.,LTD.", "product": "WAB-S733IW2-PD", "versions": [{"version": "v5.5.00 and earlier versions", "status": "affected"}]}, {"vendor": "ELECOM CO.,LTD.", "product": "WAB-S733IW-AC", "versions": [{"version": "v5.5.00 and earlier versions", "status": "affected"}]}, {"vendor": "ELECOM CO.,LTD.", "product": "WAB-S733IW-PD", "versions": [{"version": "all versions", "status": "affected"}]}, {"vendor": "ELECOM CO.,LTD.", "product": "WAB-S300IW2-PD", "versions": [{"version": "v5.5.00 and earlier versions", "status": "affected"}]}, {"vendor": "ELECOM CO.,LTD.", "product": "WAB-S300IW-AC", "versions": [{"version": "v5.5.00 and earlier versions", "status": "affected"}]}, {"vendor": "ELECOM CO.,LTD.", "product": "WAB-S300IW-PD", "versions": [{"version": "all versions", "status": "affected"}]}], "descriptions": [{"lang": "en", "value": "Stack-based buffer overflow vulnerability exists in ELECOM wireless LAN access point devices. A crafted packet may lead to arbitrary code execution."}], "problemTypes": [{"descriptions": [{"description": "Stack-based buffer overflow", "lang": "en-US", "cweId": "CWE-121", "type": "CWE"}]}], "references": [{"url": "https://www.elecom.co.jp/news/security/20260203-01/"}, {"url": "https://www.elecom.co.jp/news/security/20260203-02/"}, {"url": "https://jvn.jp/en/jp/JVN94012927/"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en-US", "value": "GENERAL"}], "cvssV3_0": {"version": "3.0", "baseSeverity": "CRITICAL", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}}, {"format": "CVSS", "scenarios": [{"lang": "en-US", "value": "GENERAL"}], "cvssV4_0": {"version": "4.0", "baseSeverity": "CRITICAL", "baseScore": 9.3, "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"}}], "providerMetadata": {"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "shortName": "jpcert", "dateUpdated": "2026-02-03T06:57:51.704Z"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-24465", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-02-03T15:47:14.941854Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-03T15:47:20.792Z"}}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:elecom:wab-s300iw-pd_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "8BB3E813-C4C3-485D-BF61-3F9DBEB0D680", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:elecom:wab-s300iw-pd:*:*:*:*:*:*:*:*", "matchCriteriaId": "83425C57-2BCD-4F46-83AC-B9EE0007C3E9", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:elecom:wab-s733iw-pd_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "F2E1B3D9-E890-4419-BBC7-D4AE7E178A91", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:elecom:wab-s733iw-pd:*:*:*:*:*:*:*:*", "matchCriteriaId": "EB88F5CF-8DD1-4311-91FB-2993DC49D806", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:elecom:wrc-x1500gsa-b_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "C0B498FF-5614-4DE4-83E8-383B56015CAD", "versionEndExcluding": "1.13", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:elecom:wrc-x1500gsa-b:*:*:*:*:*:*:*:*", "matchCriteriaId": "D198866F-7CB3-4EA0-86EA-345CF65E116F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:elecom:wrc-x1500gs-b_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "DD09C01F-808C-441E-87E7-EDFFDEC28F32", "versionEndExcluding": "1.13", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:elecom:wrc-x1500gs-b:*:*:*:*:*:*:*:*", "matchCriteriaId": "F2B13224-1E88-4415-8B8E-979D00BD68F2", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:elecom:wab-s300iw2-pd_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "1981D6C7-925C-48D5-AC62-7EA49A6ADDF8", "versionEndExcluding": "5.5.02", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:elecom:wab-s300iw2-pd:*:*:*:*:*:*:*:*", "matchCriteriaId": "49761255-54A8-4EA6-815B-0101CB3B3654", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:elecom:wab-s300iw-ac_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "3AC64B10-064A-4257-84B7-ED787A781D05", "versionEndExcluding": "5.5.02", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:elecom:wab-s300iw-ac:*:*:*:*:*:*:*:*", "matchCriteriaId": "384B87CA-AC9B-45FC-8A5A-0DBE85EF4672", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:elecom:wab-s733iw2-pd_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "137542E3-E35A-402B-B639-B981B1EF6B95", "versionEndExcluding": "5.5.02", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:elecom:wab-s733iw2-pd:*:*:*:*:*:*:*:*", "matchCriteriaId": "8C3B4CD1-2386-43BA-BAEC-4E1656EA3B1A", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:elecom:wab-s733iw-ac_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "CF85D5B3-2B0E-4B0A-BA5A-8BAFBA7DB05B", "versionEndExcluding": "5.5.02", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:elecom:wab-s733iw-ac:*:*:*:*:*:*:*:*", "matchCriteriaId": "A73628CA-FF19-47C7-B096-E4312D52A120", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Stack-based buffer overflow vulnerability exists in ELECOM wireless LAN access point devices. A crafted packet may lead to arbitrary code execution."}, {"lang": "es", "value": "Vulnerabilidad de desbordamiento de b\u00fafer basado en pila existe en dispositivos de punto de acceso LAN inal\u00e1mbrica ELECOM. Un paquete manipulado puede conducir a ejecuci\u00f3n de c\u00f3digo arbitrario."}], "id": "CVE-2026-24465", "lastModified": "2026-04-14T12:59:18.737", "metrics": {"cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "vultures@jpcert.or.jp", "type": "Secondary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 9.3, "baseSeverity": "CRITICAL", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "vultures@jpcert.or.jp", "type": "Secondary"}]}, "published": "2026-02-03T07:16:13.127", "references": [{"source": "vultures@jpcert.or.jp", "tags": ["Third Party Advisory"], "url": "https://jvn.jp/en/jp/JVN94012927/"}, {"source": "vultures@jpcert.or.jp", "tags": ["Vendor Advisory"], "url": "https://www.elecom.co.jp/news/security/20260203-01/"}, {"source": "vultures@jpcert.or.jp", "tags": ["Vendor Advisory"], "url": "https://www.elecom.co.jp/news/security/20260203-02/"}], "sourceIdentifier": "vultures@jpcert.or.jp", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-121"}], "source": "vultures@jpcert.or.jp", "type": "Primary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-18T00:23:48.836306+00:00", "value": {"mitigation_remediation": ["Install the latest firmware update released by Elecom for all affected WAB\u2011S300IW and WAB\u2011S733IW access points", "If a patch is not yet available, isolate the access points from untrusted networks or place them in a segmented VLAN to reduce exposure", "Configure network perimeter firewalls or IDS/IPS solutions to drop anomalous packets that could trigger the buffer overflow"], "summary": {"action": "Immediate Patch", "impact": "Remote Code Execution"}, "threat_synthesis": {"affected_systems": "The flaw affects Elecom wireless LAN access\u2011point models WAB\u2011S300IW\u2011AC, WAB\u2011S300IW\u2011PD, WAB\u2011S300IW2\u2011PD, WAB\u2011S733IW\u2011AC, WAB\u2011S733IW\u2011PD, and WAB\u2011S733IW2\u2011PD, including their firmware images.", "description_and_impact": "This vulnerability is a stack\u2011based buffer overflow that can be triggered by a specially crafted packet. When the overflow occurs, an attacker may gain arbitrary code execution on the wireless LAN access point. The weakness is a classic stack corruption flaw (CWE\u2011121).", "risk_and_exploitability": "The CVSS base score of 9.3 marks it as critical, but the EPSS score of less than 1% indicates that few exploits are observed or that the confidence in exploitation is low. It is not listed in the CISA KEV catalog. Attackers would need to send the crafted packet from the network to the device, suggesting a network\u2011based attack vector. The high severity and the ability to execute arbitrary code make it a top\u2011priority risk for exposed network interfaces."}}}}, "created": "2026-02-04T12:14:46.471311+00:00", "title": "Stack\u2011Based Buffer Overflow in Elecom Wireless LAN Access Points Enables Arbitrary Code Execution", "updated": "2026-04-18T00:30:25.712188+00:00", "vendors": ["elecom", "elecom$PRODUCT$wab-s300iw-ac", "elecom$PRODUCT$wab-s300iw-pd", "elecom$PRODUCT$wab-s300iw2-pd", "elecom$PRODUCT$wab-s733iw-ac", "elecom$PRODUCT$wab-s733iw-pd", "elecom$PRODUCT$wab-s733iw2-pd"]}