CVE-2024-6199

Unauthenticated Remote Code Execution

Description

An unauthenticated attacker on the WAN interface, with the ability to intercept Dynamic DNS (DDNS) traffic between DDNS services and the modem, could manipulate specific responses to include code that forces a buffer overflow on the modem. Customers that have not enabled Dynamic DNS on their modem are not vulnerable.

Remediation

Solution:

  • A patch has been deployed by Viasat through the auto-update mechanism. Make sure you're running on a version above 4.3.0.2 to validate that your modem was updated.

Workaround:

  • Disable Dynamic DNS on your modem.

Category

CVSS 4.0: 7.7
Severity: High
EPSS 0.02%
Third-Party Advisory onekey.com
Affected: ViaSat RM5110
Affected: ViaSat RM5111
Affected: Viasat RG1100
Affected: Viasat EG1000
Affected: Viasat EG1020
Published at:
Updated at:

References

Frequently Asked Questions

What is the severity of CVE-2024-6199?
CVE-2024-6199 has been scored as a high severity vulnerability.
How to fix CVE-2024-6199?
To fix CVE-2024-6199: A patch has been deployed by Viasat through the auto-update mechanism. Make sure you're running on a version above 4.3.0.2 to validate that your modem was updated.
Is CVE-2024-6199 being actively exploited in the wild?
As of now, there is no information confirming that CVE-2024-6199 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2024-6199?
CVE-2024-6199 affects ViaSat RM5110, ViaSat RM5111, Viasat RG1100, Viasat EG1000, Viasat EG1020.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registered trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registered trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.