CVE-2023-2262
Rockwell Automation Select Logix Communication Modules Vulnerable to Email Object Buffer Overflow
Vexday Risk Score
28Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS 9.8EPSS 1.0%KEV nãoPoC —Nuclei —Metasploit —Patch —
Ciclo de vida
20 set 2023Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
A buffer overflow vulnerability exists in the Rockwell Automation select 1756-EN* communication devices. If exploited, a threat actor could potentially leverage this vulnerability to perform a remote code execution. To exploit this vulnerability, a threat actor would have to send a maliciously crafted CIP request to device.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Produtos afetados
Rockwell Auotmation · 1756-EN2TPXT Series ARockwell Automation · 1756-EN2FK Series A, BRockwell Automation · 1756-EN2FK Series CRockwell Automation · 1756-EN2F Series A, BRockwell Automation · 1756-EN2F Series CRockwell Automation · 1756-EN2TK Series A, B, CRockwell Automation · 1756-EN2TPK Series ARockwell Automation · 1756-EN2TP Series ARockwell Automation · 1756-EN2TRK Series A, BRockwell Automation · 1756-EN2TRK Series CRockwell Automation · 1756-EN2TR Series A, BRockwell Automation · 1756-EN2TR Series CRockwell Automation · 1756-EN2TRXT Series A, BRockwell Automation · 1756-EN2TRXT Series CRockwell Automation · 1756-EN2T Series A, B, CRockwell Automation · 1756-EN2T Series DRockwell Automation · 1756-EN2TXT Series A, B, CRockwell Automation · 1756-EN2TXT Series DRockwell Automation · 1756-EN3TRK Series ARockwell Automation · 1756-EN3TRK Series BRockwell Automation · 1756-EN3TR Series ARockwell Automation · 1756-EN3TR Series BQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →