View CSAF
1. EXECUTIVE SUMMARY
- CVSS v3 9.8
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Rockwell Automation
- Equipment: 1756-EN2T, 1756-EN2TK, 1756-EN2TXT, 1756-EN2TP, 1756-EN2TPK, 1756-EN2TPXT, 1756-EN2TR, 1756-EN2TRK, 1756-EN2TRXT, 1756-EN2F, 1756-EN2FK, 1756-EN3TR, 1756-EN3TRK
- Vulnerability: Stack-based Buffer Overflow
2. RISK EVALUATION
Successful exploitation of this vulnerability could allow an attacker to achieve remote code execution.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
The following versions of Rockwell Automation Logix Communication Modules, are affected:
- 1756-EN2T Series A: versions 5.008 and prior
- 1756-EN2T Series A: version 5.028
- 1756-EN2T Series B: versions 5.008 and prior
- 1756-EN2T Series B: version 5.028
- 1756-EN2T Series C: versions 5.008 and prior
- 1756-EN2T Series C: version 5.028
- 1756-EN2T Series D: versions 11.002 and prior
- 1756-EN2TK Series A: versions 5.008 and prior
- 1756-EN2TK Series A: version 5.028
- 1756-EN2TK Series B: versions 5.008 and prior
- 1756-EN2TK Series B: version 5.028
- 1756-EN2TK Series C: versions 5.008 and prior
- 1756-EN2TK Series C: version 5.028
- 1756-EN2TK Series D: versions 11.002 and prior
- 1756-EN2TXT Series A: versions 5.008 and prior
- 1756-EN2TXT Series A: and version 5.028
- 1756-EN2TXT Series B: versions 5.008 and prior
- 1756-EN2TXT Series B: version 5.028
- 1756-EN2TXT Series C: versions 5.008 and prior
- 1756-EN2TXT Series C: version 5.028
- 1756-EN2TXT Series D: versions 11.002 and prior
- 1756-EN2TP Series A: versions 11.002 and prior
- 1756-EN2TPK Series A: versions 11.002 and prior
- 1756-EN2TPXT Series A: versions 11.002 and prior
<
ul>
1756-EN2TR Series A: versi
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from All CISA Advisories
Read the original article: