Search
Find a vulnerability
Search criteria
2 vulnerabilities found for softlogix_5800_controller_firmware by rockwellautomation
CVE-2016-9343 (GCVE-0-2016-9343)
Vulnerability from nvd – Published: 2017-02-13 21:00 – Updated: 2024-08-06 02:50
VLAI
Summary
An issue was discovered in Rockwell Automation Logix5000 Programmable Automation Controller FRN 16.00 through 21.00 (excluding all firmware versions prior to FRN 16.00, which are not affected). By sending malformed common industrial protocol (CIP) packet, an attacker may be able to overflow a stack-based buffer and execute code on the controller or initiate a nonrecoverable fault resulting in a denial of service.
Severity
No CVSS data available.
CWE
- Rockwell Automation Logix5000 Programmable Automation Controller Buffer Overflow Vulnerability
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://ics-cert.us-cert.gov/advisories/ICSA-16-343-05 | x_refsource_MISC |
| http://www.securityfocus.com/bid/95304 | vdb-entryx_refsource_BID |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Rockwell Automation Logix5000 Programmable Automation Controller FRN 16.00 through 21.00 |
Affected:
Rockwell Automation Logix5000 Programmable Automation Controller FRN 16.00 through 21.00
|
Date Public
2017-02-13 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:50:38.224Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-343-05"
},
{
"name": "95304",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95304"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Rockwell Automation Logix5000 Programmable Automation Controller FRN 16.00 through 21.00",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Rockwell Automation Logix5000 Programmable Automation Controller FRN 16.00 through 21.00"
}
]
}
],
"datePublic": "2017-02-13T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Rockwell Automation Logix5000 Programmable Automation Controller FRN 16.00 through 21.00 (excluding all firmware versions prior to FRN 16.00, which are not affected). By sending malformed common industrial protocol (CIP) packet, an attacker may be able to overflow a stack-based buffer and execute code on the controller or initiate a nonrecoverable fault resulting in a denial of service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Rockwell Automation Logix5000 Programmable Automation Controller Buffer Overflow Vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-02-14T10:57:01.000Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-343-05"
},
{
"name": "95304",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95304"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2016-9343",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Rockwell Automation Logix5000 Programmable Automation Controller FRN 16.00 through 21.00",
"version": {
"version_data": [
{
"version_value": "Rockwell Automation Logix5000 Programmable Automation Controller FRN 16.00 through 21.00"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in Rockwell Automation Logix5000 Programmable Automation Controller FRN 16.00 through 21.00 (excluding all firmware versions prior to FRN 16.00, which are not affected). By sending malformed common industrial protocol (CIP) packet, an attacker may be able to overflow a stack-based buffer and execute code on the controller or initiate a nonrecoverable fault resulting in a denial of service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Rockwell Automation Logix5000 Programmable Automation Controller Buffer Overflow Vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-16-343-05",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-343-05"
},
{
"name": "95304",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95304"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2016-9343",
"datePublished": "2017-02-13T21:00:00.000Z",
"dateReserved": "2016-11-16T00:00:00.000Z",
"dateUpdated": "2024-08-06T02:50:38.224Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-9343 (GCVE-0-2016-9343)
Vulnerability from cvelistv5 – Published: 2017-02-13 21:00 – Updated: 2024-08-06 02:50
VLAI
Summary
An issue was discovered in Rockwell Automation Logix5000 Programmable Automation Controller FRN 16.00 through 21.00 (excluding all firmware versions prior to FRN 16.00, which are not affected). By sending malformed common industrial protocol (CIP) packet, an attacker may be able to overflow a stack-based buffer and execute code on the controller or initiate a nonrecoverable fault resulting in a denial of service.
Severity
No CVSS data available.
CWE
- Rockwell Automation Logix5000 Programmable Automation Controller Buffer Overflow Vulnerability
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://ics-cert.us-cert.gov/advisories/ICSA-16-343-05 | x_refsource_MISC |
| http://www.securityfocus.com/bid/95304 | vdb-entryx_refsource_BID |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Rockwell Automation Logix5000 Programmable Automation Controller FRN 16.00 through 21.00 |
Affected:
Rockwell Automation Logix5000 Programmable Automation Controller FRN 16.00 through 21.00
|
Date Public
2017-02-13 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:50:38.224Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-343-05"
},
{
"name": "95304",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95304"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Rockwell Automation Logix5000 Programmable Automation Controller FRN 16.00 through 21.00",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Rockwell Automation Logix5000 Programmable Automation Controller FRN 16.00 through 21.00"
}
]
}
],
"datePublic": "2017-02-13T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Rockwell Automation Logix5000 Programmable Automation Controller FRN 16.00 through 21.00 (excluding all firmware versions prior to FRN 16.00, which are not affected). By sending malformed common industrial protocol (CIP) packet, an attacker may be able to overflow a stack-based buffer and execute code on the controller or initiate a nonrecoverable fault resulting in a denial of service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Rockwell Automation Logix5000 Programmable Automation Controller Buffer Overflow Vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-02-14T10:57:01.000Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-343-05"
},
{
"name": "95304",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95304"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2016-9343",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Rockwell Automation Logix5000 Programmable Automation Controller FRN 16.00 through 21.00",
"version": {
"version_data": [
{
"version_value": "Rockwell Automation Logix5000 Programmable Automation Controller FRN 16.00 through 21.00"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in Rockwell Automation Logix5000 Programmable Automation Controller FRN 16.00 through 21.00 (excluding all firmware versions prior to FRN 16.00, which are not affected). By sending malformed common industrial protocol (CIP) packet, an attacker may be able to overflow a stack-based buffer and execute code on the controller or initiate a nonrecoverable fault resulting in a denial of service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Rockwell Automation Logix5000 Programmable Automation Controller Buffer Overflow Vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-16-343-05",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-343-05"
},
{
"name": "95304",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95304"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2016-9343",
"datePublished": "2017-02-13T21:00:00.000Z",
"dateReserved": "2016-11-16T00:00:00.000Z",
"dateUpdated": "2024-08-06T02:50:38.224Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}