Vulnerability CVE-2016-9343
Published: 2017-02-13   Modified: 2017-02-14

Description:
An issue was discovered in Rockwell Automation Logix5000 Programmable Automation Controller FRN 16.00 through 21.00 (excluding all firmware versions prior to FRN 16.00, which are not affected). By sending malformed common industrial protocol (CIP) packet, an attacker may be able to overflow a stack-based buffer and execute code on the controller or initiate a nonrecoverable fault resulting in a denial of service.

CVSS2 => (AV:N/AC:L/Au:N/C:P/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.5/10
6.4/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial
Affected software
Rockwell automation -> Flexlogix l34 controller firmware 
Rockwell automation -> 1768 compactlogix l4x controller firmware 
Rockwell automation -> 1769 compactlogix 5370 l1 controller firmware 
Rockwell automation -> Guardlogix 5570 controller firmware 
Rockwell automation -> Controllogix 5560 redundant controller firmware 
Rockwell automation -> Controllogix 5570 controller firmware 
Rockwell automation -> 1769 compactlogix l3x controller firmware 
Rockwell automation -> Controllogix l55 controller firmware 
Rockwell automation -> Controllogix 5560 controller firmware 
Rockwell automation -> 1769 compactlogix l23x controller firmware 
Rockwell automation -> 1768 compact guardlogix l4xs controller firmware 
Rockwell automation -> 1769 compactlogix 5370 l2 controller firmware 
Rockwell automation -> 1769 compactlogix 5370 l3 controller firmware 
Rockwell automation -> Controllogix 5570 redundant controller firmware 
Rockwell automation -> Rslogix emulate 5000 firmware 
Rockwell automation -> Softlogix 5800 controller firmware 

 References:
http://www.securityfocus.com/bid/95304
https://ics-cert.us-cert.gov/advisories/ICSA-16-343-05
Copyright 2024, cxsecurity.com

 

Back to Top