PatchSiren cyber security CVE debrief
CVE-2024-24487 Raw CVE debrief
CVE-2024-24487 is a network-reachable denial-of-service issue reported in Silex Technology products. According to the CISA CSAF advisory published on 2026-04-21, crafted UDP packets using the EXEC REBOOT SYSTEM command can cause a denial of service. Vendor fixes are available, and systems exposed to untrusted networks should be prioritized for review and update.
- Vendor
- Raw
- Product
- Silex Technology SD-330AC <=1.42 AMC Manager <=5.0.2
- CVSS
- MEDIUM 6.8
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-04-21
- Original CVE updated
- 2026-04-21
- Advisory published
- 2026-04-21
- Advisory updated
- 2026-04-21
Who should care
Organizations running Silex Technology SD-330AC firmware or AMC Manager, especially in industrial or other operational environments where a denial of service could interrupt device availability or connected workflows.
Technical summary
The advisory states that a remote attacker can send crafted UDP packets that invoke the EXEC REBOOT SYSTEM command and cause a denial of service. The supplied source data associates the issue with Silex Technology SD-330AC and AMC Manager, while the advisory note text also references DS-600 Firmware v1.4.1; that product naming should be verified against the vendor and CISA references before deployment decisions are made. Vendor remediation listed in the advisory is SD-330AC firmware Ver 1.50 or later and AMC Manager Ver. 5.1.0 or later.
Defensive priority
High for any exposed or operational deployment because the issue is remotely reachable and can disrupt availability; otherwise medium if the affected devices are isolated and not reachable from untrusted networks.
Recommended defensive actions
- Identify whether any deployed Silex Technology SD-330AC or AMC Manager instances match the affected versions listed in the advisory.
- Upgrade SD-330AC firmware to Ver 1.50 or later.
- Upgrade AMC Manager to Ver. 5.1.0 or later.
- Restrict exposure of affected management or UDP-reachable services to trusted administrative networks only.
- Validate the exact affected product naming and versioning against the CISA advisory and the vendor/JPCERT references before scheduling remediation.
- Monitor affected environments for unexpected reboots, service interruptions, or anomalous UDP traffic targeting the device management interface.
Evidence notes
All claims above are drawn from the supplied CISA CSAF source item and its listed official references. The source item was published and modified on 2026-04-21. The advisory text describes remote denial of service via crafted UDP packets using the EXEC REBOOT SYSTEM command. Remediation entries in the source list SD-330AC firmware Ver 1.50 or later and AMC Manager Ver. 5.1.0 or later. The source data also contains a product-description mismatch: the title names SD-330AC and AMC Manager, while the note text mentions DS-600 Firmware v1.4.1.
Official resources
-
CVE-2024-24487 CVE record
CVE.org
-
CVE-2024-24487 NVD detail
NVD
-
Source item URL
cisa_csaf
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
Public advisory published by CISA on 2026-04-21; vendor fixes were included in the source advisory at publication time.