Lucene search

[email protected]CVE-2016-9343

HistoryFeb 13, 2017 - 9:59 p.m.

CVE-2016-9343

2017-02-1321:59:01

CWE-787

[email protected]

web.nvd.nist.gov

cve-2016-9343

rockwell automation

logix5000

programmable automation controller

cip

buffer overflow

code execution

denial of service

nvd

10 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

9.5 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.002 Low

EPSS

Percentile

51.5%

JSON

An issue was discovered in Rockwell Automation Logix5000 Programmable Automation Controller FRN 16.00 through 21.00 (excluding all firmware versions prior to FRN 16.00, which are not affected). By sending malformed common industrial protocol (CIP) packet, an attacker may be able to overflow a stack-based buffer and execute code on the controller or initiate a nonrecoverable fault resulting in a denial of service.

Affected configurations

NVD

Node

rockwellautomationsoftlogix_5800_controller_firmwareMatch18.00

rockwellautomationsoftlogix_5800_controller_firmwareMatch19.00

rockwellautomationsoftlogix_5800_controller_firmwareMatch20.00

rockwellautomationsoftlogix_5800_controller_firmwareMatch21.00

AND

rockwellautomationsoftlogix_5800_controllerMatch-

Node

rockwellautomationrslogix_emulate_5000_firmwareMatch18.00

rockwellautomationrslogix_emulate_5000_firmwareMatch19.00

rockwellautomationrslogix_emulate_5000_firmwareMatch20.00

rockwellautomationrslogix_emulate_5000_firmwareMatch21.00

AND

rockwellautomationrslogix_emulate_5000Match-

Node

rockwellautomationguardlogix_5570_controller_firmwareMatch16.00

rockwellautomationguardlogix_5570_controller_firmwareMatch17.00

rockwellautomationguardlogix_5570_controller_firmwareMatch18.00

rockwellautomationguardlogix_5570_controller_firmwareMatch19.00

rockwellautomationguardlogix_5570_controller_firmwareMatch20.00

rockwellautomationguardlogix_5570_controller_firmwareMatch20.010

rockwellautomationguardlogix_5570_controller_firmwareMatch20.017

rockwellautomationguardlogix_5570_controller_firmwareMatch21.00

AND

rockwellautomationguardlogix_5570_controllerMatch-

Node

rockwellautomationflexlogix_l34_controller_firmwareMatch16.00

AND

rockwellautomationflexlogix_l34_controllerMatch-

Node

rockwellautomationcontrollogix_l55_controller_firmwareMatch16.00

rockwellautomationcontrollogix_l55_controller_firmwareMatch16.020

rockwellautomationcontrollogix_l55_controller_firmwareMatch16.022

AND

rockwellautomationcontrollogix_l55_controllerMatch-

Node

rockwellautomationcontrollogix_5570_redundant_controller_firmwareMatch20.00

rockwellautomationcontrollogix_5570_redundant_controller_firmwareMatch20.050

rockwellautomationcontrollogix_5570_redundant_controller_firmwareMatch20.055

rockwellautomationcontrollogix_5570_redundant_controller_firmwareMatch21.00

AND

rockwellautomationcontrollogix_5570_redundant_controllerMatch-

Node

rockwellautomationcontrollogix_5570_controller_firmwareMatch18.00

rockwellautomationcontrollogix_5570_controller_firmwareMatch19.00

rockwellautomationcontrollogix_5570_controller_firmwareMatch20.010

rockwellautomationcontrollogix_5570_controller_firmwareMatch20.013

rockwellautomationcontrollogix_5570_controller_firmwareMatch21.00

AND

rockwellautomationcontrollogix_5570_controllerMatch-

Node

rockwellautomationcontrollogix_5560_redundant_controller_firmwareMatch16.00

rockwellautomationcontrollogix_5560_redundant_controller_firmwareMatch19.00

rockwellautomationcontrollogix_5560_redundant_controller_firmwareMatch20.00

rockwellautomationcontrollogix_5560_redundant_controller_firmwareMatch20.050

rockwellautomationcontrollogix_5560_redundant_controller_firmwareMatch20.055

AND

rockwellautomationcontrollogix_5560_redundant_controllerMatch-

Node

rockwellautomationcontrollogix_5560_controller_firmwareMatch16.00

rockwellautomationcontrollogix_5560_controller_firmwareMatch16.020

rockwellautomationcontrollogix_5560_controller_firmwareMatch16.022

rockwellautomationcontrollogix_5560_controller_firmwareMatch17.00

rockwellautomationcontrollogix_5560_controller_firmwareMatch18.00

rockwellautomationcontrollogix_5560_controller_firmwareMatch19.00

rockwellautomationcontrollogix_5560_controller_firmwareMatch20.00

rockwellautomationcontrollogix_5560_controller_firmwareMatch20.010

rockwellautomationcontrollogix_5560_controller_firmwareMatch20.013

AND

rockwellautomationcontrollogix_5560_controllerMatch-

Node

rockwellautomation1769_compactlogix_l3x_controller_firmwareMatch16.00

rockwellautomation1769_compactlogix_l3x_controller_firmwareMatch16.020

rockwellautomation1769_compactlogix_l3x_controller_firmwareMatch16.023

rockwellautomation1769_compactlogix_l3x_controller_firmwareMatch17.00

rockwellautomation1769_compactlogix_l3x_controller_firmwareMatch18.00

rockwellautomation1769_compactlogix_l3x_controller_firmwareMatch19.00

rockwellautomation1769_compactlogix_l3x_controller_firmwareMatch20.00

rockwellautomation1769_compactlogix_l3x_controller_firmwareMatch20.010

rockwellautomation1769_compactlogix_l3x_controller_firmwareMatch20.013

AND

rockwellautomation1769_compactlogix_l3x_controllerMatch-

Node

rockwellautomation1769_compactlogix_l23x_controller_firmwareMatch16.00

rockwellautomation1769_compactlogix_l23x_controller_firmwareMatch17.00

rockwellautomation1769_compactlogix_l23x_controller_firmwareMatch18.00

rockwellautomation1769_compactlogix_l23x_controller_firmwareMatch19.00

rockwellautomation1769_compactlogix_l23x_controller_firmwareMatch20.00

rockwellautomation1769_compactlogix_l23x_controller_firmwareMatch20.010

rockwellautomation1769_compactlogix_l23x_controller_firmwareMatch20.013

AND

rockwellautomation1769_compactlogix_l23x_controllerMatch-

Node

rockwellautomation1769_compactlogix_5370_l3_controller_firmwareMatch20.00

rockwellautomation1769_compactlogix_5370_l3_controller_firmwareMatch20.010

rockwellautomation1769_compactlogix_5370_l3_controller_firmwareMatch20.013

rockwellautomation1769_compactlogix_5370_l3_controller_firmwareMatch21.00

AND

rockwellautomation1769_compactlogix_5370_l3_controllerMatch-

Node

rockwellautomation1769_compactlogix_5370_l2_controller_firmwareMatch20.00

rockwellautomation1769_compactlogix_5370_l2_controller_firmwareMatch20.010

rockwellautomation1769_compactlogix_5370_l2_controller_firmwareMatch20.013

rockwellautomation1769_compactlogix_5370_l2_controller_firmwareMatch21.00

AND

rockwellautomation1769_compactlogix_5370_l2_controllerMatch-

Node

rockwellautomation1769_compactlogix_5370_l1_controller_firmwareMatch20.00

rockwellautomation1769_compactlogix_5370_l1_controller_firmwareMatch20.010

rockwellautomation1769_compactlogix_5370_l1_controller_firmwareMatch20.013

rockwellautomation1769_compactlogix_5370_l1_controller_firmwareMatch21.00

AND

rockwellautomation1769_compactlogix_5370_l1_controllerMatch-

Node

rockwellautomation1768_compactlogix_l4x_controller_firmwareMatch16.00

rockwellautomation1768_compactlogix_l4x_controller_firmwareMatch16.020

rockwellautomation1768_compactlogix_l4x_controller_firmwareMatch16.025

rockwellautomation1768_compactlogix_l4x_controller_firmwareMatch17.00

rockwellautomation1768_compactlogix_l4x_controller_firmwareMatch18.00

rockwellautomation1768_compactlogix_l4x_controller_firmwareMatch19.00

rockwellautomation1768_compactlogix_l4x_controller_firmwareMatch20.00

rockwellautomation1768_compactlogix_l4x_controller_firmwareMatch20.011

rockwellautomation1768_compactlogix_l4x_controller_firmwareMatch20.016

AND

rockwellautomation1768_compactlogix_l4x_controllerMatch-

Node

rockwellautomation1768_compact_guardlogix_l4xs_controller_firmwareMatch18.00

rockwellautomation1768_compact_guardlogix_l4xs_controller_firmwareMatch19.00

rockwellautomation1768_compact_guardlogix_l4xs_controller_firmwareMatch20.00

rockwellautomation1768_compact_guardlogix_l4xs_controller_firmwareMatch20.011

rockwellautomation1768_compact_guardlogix_l4xs_controller_firmwareMatch20.013

AND

rockwellautomation1768_compact_guardlogix_l4xs_controllerMatch-

CPENameOperatorVersion
rockwellautomation:softlogix_5800_controller_firmwarerockwellautomation softlogix 5800 controller firmwareeq18.00
rockwellautomation:softlogix_5800_controller_firmwarerockwellautomation softlogix 5800 controller firmwareeq19.00
rockwellautomation:softlogix_5800_controller_firmwarerockwellautomation softlogix 5800 controller firmwareeq20.00
rockwellautomation:softlogix_5800_controller_firmwarerockwellautomation softlogix 5800 controller firmwareeq21.00

CPE	Name	Operator	Version
rockwellautomation:softlogix_5800_controller_firmware	rockwellautomation softlogix 5800 controller firmware	eq	18.00
rockwellautomation:softlogix_5800_controller_firmware	rockwellautomation softlogix 5800 controller firmware	eq	19.00
rockwellautomation:softlogix_5800_controller_firmware	rockwellautomation softlogix 5800 controller firmware	eq	20.00
rockwellautomation:softlogix_5800_controller_firmware	rockwellautomation softlogix 5800 controller firmware	eq	21.00

CNA Affected

[
  {
    "product": "Rockwell Automation Logix5000 Programmable Automation Controller FRN 16.00 through 21.00",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Rockwell Automation Logix5000 Programmable Automation Controller FRN 16.00 through 21.00"
      }
    ]
  }
]

References

www.securityfocus.com/bid/95304

ics-cert.us-cert.gov/advisories/ICSA-16-343-05

10 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

9.5 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.002 Low

EPSS

Percentile

51.5%

JSON

Related for CVE-2016-9343

checkpoint_advisories1 nvd1 cvelist1 ics2 prion1 nessus2