COMPANY HEADQUARTERS LOCATION: United States.CRITICAL INFRASTRUCTURE SECTORS: Critical Manufacturing, Food and Agriculture, Water and Wastewater Systems, and others.A CVSS v3 base score of 10.0 has been calculated the CVSS vector string is ( AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H).
#Softlogix 5800 v20 code
1769 CompactLogix 5370 元 controllers (all versions).Ĥ.2.1 STACK-BASED BUFFER OVERFLOW CWE-121īy sending malformed common industrial protocol (CIP) packet, an attacker may be able to overflow a buffer and execute code on the controller or initiate a non-recoverable fault resulting in a denial of service.ĬVE-2016-9343 has been assigned to this vulnerability.1769 CompactLogix 5370 L2 controllers (all versions), and.1769 CompactLogix 5370 L1 controllers (all versions),.GuardLogix 5570 controllers (all versions),.ControlLogix 5570 Redundant controllers (all versions),.1768 Compact GuardLogix L4xS controllers (v20.011 through v20.013).ControlLogix 5570 Redundant controllers (v20.050 through v20.055),.ControlLogix 5560 Redundant controllers (v20.050 through v20.055),.1768 Compact GuardLogix L4xS controllers (all versions).1768 CompactLogix L4x controllers (all versions), and.ControlLogix 5560 Redundant controllers (all versions),.1768 Compact GuardLogix L4xS (all versions).1769 CompactLogix 元x controllers (all versions),.ControlLogix 5570 controllers (all versions),.1768 CompactLogix L4x controllers (all versions).1769 CompactLogix 元x controllers (all versions), and.ControlLogix 5560 controllers (all versions),.SoftLogix 5800 controllers (all versions),.PowerFlex 700S drives with Phase II control and the embedded DriveLogix 5730 controller option installed (v17.003 and v17.004),.1769 CompactLogix L23x controllers (all versions),.FlexLogix 元4 controllers (all versions),.GuardLogix 5560 controllers (all versions),.ControlLogix 5560 Redundant controllers (all versions ),.ControlLogix L55 controllers (v16.020 through v16.022),.PowerFlex 700S drives with Phase II control and the embedded DriveLogix 5730 controller option installed (v16.020 through v16.022),.The following firmware versions for the Logix5000 Controller product line are affected, excluding all firmware versions prior to Version 16.00, which are not affected: Successful exploitation of this vulnerability may allow a remote attacker to cause a denial of service at a controller or execute code on a target controller. This updated advisory is a follow-up to the previously updated advisory titled ICSA-16-343-05A Rockwell Automation Logix5000 Programmable Automation Controller Buffer Overflow Vulnerability (Update A) that was published February 14, 2017, on the NCCIC/ICS-CERT website.
0 kommentar(er)
