Lucene search

[email protected]NVD:CVE-2023-2262

HistorySep 20, 2023 - 4:15 p.m.

CVE-2023-2262

2023-09-2016:15:12

CWE-121

CWE-787

[email protected]

web.nvd.nist.gov

vulnerability

buffer overflow

rockwell automation

1756-en*

remote code execution

cip request

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

0.001 Low

EPSS

Percentile

49.7%

JSON

A buffer overflow vulnerability exists in the Rockwell Automation select 1756-EN* communication devices. If exploited, a threat actor could potentially leverage this vulnerability to perform a remote code execution. To exploit this vulnerability, a threat actor would have to send a maliciously crafted CIP request to device.

Affected configurations

NVD

Node

rockwellautomation1756-en2t_series_a_firmwareRange5.008–5.028

AND

rockwellautomation1756-en2t_series_aMatch-

Node

rockwellautomation1756-en2t_series_b_firmwareRange5.008–5.028

AND

rockwellautomation1756-en2t_series_bMatch-

Node

rockwellautomation1756-en2t_series_c_firmwareRange5.008–5.028

AND

rockwellautomation1756-en2t_series_cMatch-

Node

rockwellautomation1756-en2t_series_d_firmwareRange≤11.002

AND

rockwellautomation1756-en2t_series_dMatch-

Node

rockwellautomation1756-en2tk_series_a_firmwareRange5.008–5.028

AND

rockwellautomation1756-en2tk_series_aMatch-

Node

rockwellautomation1756-en2tk_series_b_firmwareRange5.008–5.028

AND

rockwellautomation1756-en2tk_series_bMatch-

Node

rockwellautomation1756-en2tk_series_c_firmwareRange5.008–5.028

AND

rockwellautomation1756-en2tk_series_cMatch-

Node

rockwellautomation1756-en2txt_series_a_firmwareRange5.008–5.028

AND

rockwellautomation1756-en2txt_series_aMatch-

Node

rockwellautomation1756-en2txt_series_b_firmwareRange5.008–5.028

AND

rockwellautomation1756-en2txt_series_bMatch-

Node

rockwellautomation1756-en2txt_series_c_firmwareRange5.008–5.028

AND

rockwellautomation1756-en2txt_series_cMatch-

Node

rockwellautomation1756-en2txt_series_d_firmwareRange≤11.002

AND

rockwellautomation1756-en2txt_series_dMatch-

Node

rockwellautomation1756-en2tp_series_a_firmwareRange≤11.002

AND

rockwellautomation1756-en2tp_series_aMatch-

Node

rockwellautomation1756-en2tpk_series_a_firmwareRange≤11.002

AND

rockwellautomation1756-en2tpk_series_aMatch-

Node

rockwellautomation1756-en2tr_series_a_firmwareRange5.008–5.028

AND

rockwellautomation1756-en2tr_series_aMatch-

Node

rockwellautomation1756-en2tr_series_b_firmwareRange5.008–5.028

AND

rockwellautomation1756-en2tr_series_bMatch-

Node

rockwellautomation1756-en2tr_series_c_firmwareRange≤11.002

AND

rockwellautomation1756-en2tr_series_cMatch-

Node

rockwellautomation1756-en2trk_series_a_firmwareRange5.008–5.028

AND

rockwellautomation1756-en2trk_series_aMatch-

Node

rockwellautomation1756-en2trk_series_b_firmwareRange5.008–5.028

AND

rockwellautomation1756-en2trk_series_bMatch-

Node

rockwellautomation1756-en2trk_series_c_firmwareRange≤11.002

AND

rockwellautomation1756-en2trk_series_cMatch-

Node

rockwellautomation1756-en2trxt_series_a_firmwareRange5.008–5.028

AND

rockwellautomation1756-en2trxt_series_aMatch-

Node

rockwellautomation1756-en2trxt_series_b_firmwareRange5.008–5.028

AND

rockwellautomation1756-en2trxt_series_bMatch-

Node

rockwellautomation1756-en2trxt_series_c_firmwareRange≤11.002

AND

rockwellautomation1756-en2trxt_series_cMatch-

Node

rockwellautomation1756-en2f_series_a_firmwareRange5.008–5.028

AND

rockwellautomation1756-en2f_series_aMatch-

Node

rockwellautomation1756-en2f_series_b_firmwareRange5.008–5.028

AND

rockwellautomation1756-en2f_series_bMatch-

Node

rockwellautomation1756-en2f_series_c_firmwareRange≤11.002

AND

rockwellautomation1756-en2f_series_cMatch-

Node

rockwellautomation1756-en2fk_series_a_firmwareRange5.008–5.028

AND

rockwellautomation1756-en2fk_series_aMatch-

Node

rockwellautomation1756-en2fk_series_b_firmwareRange5.008–5.028

AND

rockwellautomation1756-en2fk_series_bMatch-

Node

rockwellautomation1756-en2fk_series_c_firmwareRange≤11.002

AND

rockwellautomation1756-en2fk_series_cMatch-

Node

rockwellautomation1756-en3tr_series_a_firmwareRange5.008–5.028

AND

rockwellautomation1756-en3tr_series_aMatch-

Node

rockwellautomation1756-en3tr_series_b_firmwareRange≤11.003

AND

rockwellautomation1756-en3tr_series_bMatch-

Node

rockwellautomation1756-en3trk_series_a_firmwareRange5.008–5.028

AND

rockwellautomation1756-en3trk_series_aMatch-

Node

rockwellautomation1756-en3trk_series_b_firmwareRange≤11.002

AND

rockwellautomation1756-en3trk_series_bMatch-

Node

rockwellautomation1756-en2tpxt_series_a_firmwareRange≤11.002

AND

rockwellautomation1756-en2tpxt_series_aMatch-

References

rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1140786

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

0.001 Low

EPSS

Percentile

49.7%

JSON

Related for NVD:CVE-2023-2262

cve1 nessus1 prion1 cvelist1 ics1