CVE-2023-3595
Rockwell Automation ControlLogix Communication Modules Vulnerable to Remote Code Execution
Vexday Risk Score
28Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 9.8EPSS 3.6%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
12 Jul 2023Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Where this vulnerability exists in the Rockwell Automation 1756 EN2* and 1756 EN3* ControlLogix communication products, it could allow a malicious user to perform remote code execution with persistence on the target system through maliciously crafted CIP messages. This includes the ability to modify, deny, and exfiltrate data passing through the device.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
Rockwell Auotmation · 1756-EN2TPXT Series ARockwell Automation · 1756-EN2FK Series A, BRockwell Automation · 1756-EN2FK Series CRockwell Automation · 1756-EN2F Series A, BRockwell Automation · 1756-EN2F Series CRockwell Automation · 1756-EN2TK Series A, B, CRockwell Automation · 1756-EN2TPK Series ARockwell Automation · 1756-EN2TP Series ARockwell Automation · 1756-EN2TRK Series A, BRockwell Automation · 1756-EN2TRK Series CRockwell Automation · 1756-EN2TR Series A, BRockwell Automation · 1756-EN2TR Series CRockwell Automation · 1756-EN2TRXT Series A, BRockwell Automation · 1756-EN2TRXT Series CRockwell Automation · 1756-EN2T Series A, B, CRockwell Automation · 1756-EN2T Series DRockwell Automation · 1756-EN2TXT Series A, B, CRockwell Automation · 1756-EN2TXT Series DRockwell Automation · 1756-EN3TRK Series ARockwell Automation · 1756-EN3TRK Series BRockwell Automation · 1756-EN3TR Series ARockwell Automation · 1756-EN3TR Series BWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →