A vulnerability in the implementation of Common Industrial Protocol (CIP) functionality in Cisco Industrial Ethernet 2000 Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to a system memory leak.
The vulnerability is due to improper handling of malformed CIP packets. An attacker could exploit this vulnerability by sending malformed CIP requests to a targeted device. A successful exploit could allow the attacker to cause a DoS condition on the targeted device due to low system memory.
There are no workarounds that address this vulnerability.
This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170201-psc1 [“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170201-psc1”]
CPE | Name | Operator | Version |
---|---|---|---|
cisco industrial ethernet 2000 series switches | eq | any | |
cisco industrial ethernet | eq | 2000 Series Switches |