Search criteria
3 vulnerabilities found for 1768_compactlogix_l4x_controller_firmware by rockwellautomation
FKIE_CVE-2016-9343
Vulnerability from fkie_nvd - Published: 2017-02-13 21:59 - Updated: 2025-04-20 01:37
Severity ?
Summary
An issue was discovered in Rockwell Automation Logix5000 Programmable Automation Controller FRN 16.00 through 21.00 (excluding all firmware versions prior to FRN 16.00, which are not affected). By sending malformed common industrial protocol (CIP) packet, an attacker may be able to overflow a stack-based buffer and execute code on the controller or initiate a nonrecoverable fault resulting in a denial of service.
References
| URL | Tags | ||
|---|---|---|---|
| ics-cert@hq.dhs.gov | http://www.securityfocus.com/bid/95304 | Third Party Advisory, VDB Entry | |
| ics-cert@hq.dhs.gov | https://ics-cert.us-cert.gov/advisories/ICSA-16-343-05 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/95304 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://ics-cert.us-cert.gov/advisories/ICSA-16-343-05 | Third Party Advisory, US Government Resource |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:rockwellautomation:softlogix_5800_controller_firmware:18.00:*:*:*:*:*:*:*",
"matchCriteriaId": "BD15E200-9418-46D7-8A2B-65CFC1E1449F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rockwellautomation:softlogix_5800_controller_firmware:19.00:*:*:*:*:*:*:*",
"matchCriteriaId": "38C57303-360E-41DF-9C62-E186341AA9BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rockwellautomation:softlogix_5800_controller_firmware:20.00:*:*:*:*:*:*:*",
"matchCriteriaId": "4A4B38B3-B47A-4A81-BD8D-8FE6DF9C0A6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rockwellautomation:softlogix_5800_controller_firmware:21.00:*:*:*:*:*:*:*",
"matchCriteriaId": "44724BF7-2CBF-406A-BA85-40E7B16998AD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:rockwellautomation:softlogix_5800_controller:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE8826E6-F7A6-454A-A26B-D6609EEB520E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:rockwellautomation:rslogix_emulate_5000_firmware:18.00:*:*:*:*:*:*:*",
"matchCriteriaId": "5946DCCE-ADFE-45EC-B0AD-C5D46E04B51F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rockwellautomation:rslogix_emulate_5000_firmware:19.00:*:*:*:*:*:*:*",
"matchCriteriaId": "58FE825C-973C-4F2F-8299-F617C0FEDCBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rockwellautomation:rslogix_emulate_5000_firmware:20.00:*:*:*:*:*:*:*",
"matchCriteriaId": "BE5C79F5-313D-4A3E-8816-2232F99A4161",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rockwellautomation:rslogix_emulate_5000_firmware:21.00:*:*:*:*:*:*:*",
"matchCriteriaId": "1D140073-F7D3-4C0B-9327-A3E93C789096",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:rockwellautomation:rslogix_emulate_5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B232C5B1-C524-47F6-8227-967CF0798810",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:rockwellautomation:guardlogix_5570_controller_firmware:16.00:*:*:*:*:*:*:*",
"matchCriteriaId": "30A47A28-989D-4B08-BCA8-909AE3483F5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rockwellautomation:guardlogix_5570_controller_firmware:17.00:*:*:*:*:*:*:*",
"matchCriteriaId": "6DA979C5-F4B2-4E8D-9CE6-0FFE26AAEB62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rockwellautomation:guardlogix_5570_controller_firmware:18.00:*:*:*:*:*:*:*",
"matchCriteriaId": "5A9C6862-FC86-49F7-8B7B-34C604620834",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rockwellautomation:guardlogix_5570_controller_firmware:19.00:*:*:*:*:*:*:*",
"matchCriteriaId": "78423885-CAE7-421F-BA99-D48821499FC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rockwellautomation:guardlogix_5570_controller_firmware:20.00:*:*:*:*:*:*:*",
"matchCriteriaId": "1B0402AD-20ED-4592-AC33-B21D03BC5862",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rockwellautomation:guardlogix_5570_controller_firmware:20.010:*:*:*:*:*:*:*",
"matchCriteriaId": "6BBAFDCF-1EA1-4A24-8414-C64874226E72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rockwellautomation:guardlogix_5570_controller_firmware:20.017:*:*:*:*:*:*:*",
"matchCriteriaId": "2892A68E-D268-437A-98FA-7C915C5D60E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rockwellautomation:guardlogix_5570_controller_firmware:21.00:*:*:*:*:*:*:*",
"matchCriteriaId": "74D62A17-D6E9-4BA1-805D-E770DCF02DE0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:rockwellautomation:guardlogix_5570_controller:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B4B273FA-0865-4505-AAF8-1676940A3EA9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:rockwellautomation:flexlogix_l34_controller_firmware:16.00:*:*:*:*:*:*:*",
"matchCriteriaId": "01FBAB51-D2C5-4B1B-9B3A-AD906E2DE3A7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:rockwellautomation:flexlogix_l34_controller:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EFD9612C-B26E-4422-BB8A-199FD1EABA64",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:rockwellautomation:controllogix_l55_controller_firmware:16.00:*:*:*:*:*:*:*",
"matchCriteriaId": "6C34B6BD-E714-4C86-AF2C-4CC6923F5B50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rockwellautomation:controllogix_l55_controller_firmware:16.020:*:*:*:*:*:*:*",
"matchCriteriaId": "515268CD-2009-45FF-8DAB-FFE3CF118A67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rockwellautomation:controllogix_l55_controller_firmware:16.022:*:*:*:*:*:*:*",
"matchCriteriaId": "D4A6C9A1-1B7A-4EE9-AF5B-CF4C709D513F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:rockwellautomation:controllogix_l55_controller:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21A399A8-0F0D-400D-8D16-9CA51CFDCA34",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:rockwellautomation:controllogix_5570_redundant_controller_firmware:20.00:*:*:*:*:*:*:*",
"matchCriteriaId": "30F1978E-480C-492A-A12E-FDF83DAA7C5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rockwellautomation:controllogix_5570_redundant_controller_firmware:20.050:*:*:*:*:*:*:*",
"matchCriteriaId": "0B7B6B54-B3C9-4578-AC2F-FE5FEE22A9A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rockwellautomation:controllogix_5570_redundant_controller_firmware:20.055:*:*:*:*:*:*:*",
"matchCriteriaId": "B0B99AA2-4B13-4E2B-91EA-3F121A2C15E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rockwellautomation:controllogix_5570_redundant_controller_firmware:21.00:*:*:*:*:*:*:*",
"matchCriteriaId": "9FA7DE26-233F-48D3-A74D-921B6F1B1230",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:rockwellautomation:controllogix_5570_redundant_controller:-:*:*:*:*:*:*:*",
"matchCriteriaId": "898183DD-C3AE-42EE-9891-81BFA774476A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:rockwellautomation:controllogix_5570_controller_firmware:18.00:*:*:*:*:*:*:*",
"matchCriteriaId": "00DA5E83-FDE2-46B5-9E8E-BF0A1E66D002",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rockwellautomation:controllogix_5570_controller_firmware:19.00:*:*:*:*:*:*:*",
"matchCriteriaId": "A4F590CF-95C3-42A8-8E19-661B1FD3BC45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rockwellautomation:controllogix_5570_controller_firmware:20.010:*:*:*:*:*:*:*",
"matchCriteriaId": "A702B034-E805-4E4D-90EC-23874FC00BB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rockwellautomation:controllogix_5570_controller_firmware:20.013:*:*:*:*:*:*:*",
"matchCriteriaId": "E3861BFC-B7D2-4190-B295-FE655FF74B72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rockwellautomation:controllogix_5570_controller_firmware:21.00:*:*:*:*:*:*:*",
"matchCriteriaId": "BCF5D5F4-C420-4280-8B5A-07B45B4EBE1F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:rockwellautomation:controllogix_5570_controller:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C16C24E2-4CB6-4413-8D48-588E0246617E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:rockwellautomation:controllogix_5560_redundant_controller_firmware:16.00:*:*:*:*:*:*:*",
"matchCriteriaId": "A4286F10-70FB-4F7A-8F6E-32B1022BF7A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rockwellautomation:controllogix_5560_redundant_controller_firmware:19.00:*:*:*:*:*:*:*",
"matchCriteriaId": "6644B164-2A73-40F8-ABE5-84776EC1A030",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rockwellautomation:controllogix_5560_redundant_controller_firmware:20.00:*:*:*:*:*:*:*",
"matchCriteriaId": "71C8B99B-30B6-49E9-905B-55582D337A0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rockwellautomation:controllogix_5560_redundant_controller_firmware:20.050:*:*:*:*:*:*:*",
"matchCriteriaId": "51EB913A-6105-4535-9E51-8AB430366D15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rockwellautomation:controllogix_5560_redundant_controller_firmware:20.055:*:*:*:*:*:*:*",
"matchCriteriaId": "53357D3A-7A1A-4E95-8B6B-D800095EA110",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:rockwellautomation:controllogix_5560_redundant_controller:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2D450A2D-C1CB-4A35-BFCE-542F4947182B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:rockwellautomation:controllogix_5560_controller_firmware:16.00:*:*:*:*:*:*:*",
"matchCriteriaId": "3D9F0728-400C-4094-A5D7-A9D313EDFDAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rockwellautomation:controllogix_5560_controller_firmware:16.020:*:*:*:*:*:*:*",
"matchCriteriaId": "8AB1F5E7-80A5-4C1F-9C7C-717D86F3FD1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rockwellautomation:controllogix_5560_controller_firmware:16.022:*:*:*:*:*:*:*",
"matchCriteriaId": "B505D75B-78E7-4712-963F-C712731F7427",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rockwellautomation:controllogix_5560_controller_firmware:17.00:*:*:*:*:*:*:*",
"matchCriteriaId": "461EFE7F-7BFE-42E6-A41D-C66903B5A36C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rockwellautomation:controllogix_5560_controller_firmware:18.00:*:*:*:*:*:*:*",
"matchCriteriaId": "664D455C-F227-4996-A333-A8AAF877B739",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rockwellautomation:controllogix_5560_controller_firmware:19.00:*:*:*:*:*:*:*",
"matchCriteriaId": "FF50A215-F526-49F5-94CC-27902ECE9723",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rockwellautomation:controllogix_5560_controller_firmware:20.00:*:*:*:*:*:*:*",
"matchCriteriaId": "8BC61753-C6F5-470C-B3B0-31D628F6483E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rockwellautomation:controllogix_5560_controller_firmware:20.010:*:*:*:*:*:*:*",
"matchCriteriaId": "10F3A5FF-9474-4318-9BBD-321AD9B9BF7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rockwellautomation:controllogix_5560_controller_firmware:20.013:*:*:*:*:*:*:*",
"matchCriteriaId": "17073213-1F27-4FE5-8DAF-946664A17346",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:rockwellautomation:controllogix_5560_controller:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CC83AAAE-2F45-4740-9797-1CB3321ECB01",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:rockwellautomation:1769_compactlogix_l3x_controller_firmware:16.00:*:*:*:*:*:*:*",
"matchCriteriaId": "ED16846D-55A5-40D1-836E-ABF1CA9D95A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rockwellautomation:1769_compactlogix_l3x_controller_firmware:16.020:*:*:*:*:*:*:*",
"matchCriteriaId": "9BC6F1D8-8867-4BF2-823C-B20E41C8F17A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rockwellautomation:1769_compactlogix_l3x_controller_firmware:16.023:*:*:*:*:*:*:*",
"matchCriteriaId": "162EBAC2-2D5C-4464-8272-BA6AD23DD2AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rockwellautomation:1769_compactlogix_l3x_controller_firmware:17.00:*:*:*:*:*:*:*",
"matchCriteriaId": "20145EE0-9229-4660-AA08-B0F165A4DF06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rockwellautomation:1769_compactlogix_l3x_controller_firmware:18.00:*:*:*:*:*:*:*",
"matchCriteriaId": "A6ADFC17-7ADE-4A5F-98C4-53736E548962",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rockwellautomation:1769_compactlogix_l3x_controller_firmware:19.00:*:*:*:*:*:*:*",
"matchCriteriaId": "0E89B03D-3F84-476B-8385-93E2E8BE0FBB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rockwellautomation:1769_compactlogix_l3x_controller_firmware:20.00:*:*:*:*:*:*:*",
"matchCriteriaId": "4F569C2B-510C-4811-9FB7-C2806C21FAEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rockwellautomation:1769_compactlogix_l3x_controller_firmware:20.010:*:*:*:*:*:*:*",
"matchCriteriaId": "8C611ED6-6BAC-48D3-821F-1AAF0A095506",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rockwellautomation:1769_compactlogix_l3x_controller_firmware:20.013:*:*:*:*:*:*:*",
"matchCriteriaId": "5E831CAA-3059-4230-8EEC-97D1F7E4D781",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:rockwellautomation:1769_compactlogix_l3x_controller:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2E3D7B25-F802-4D94-8986-2AEBDB35FB97",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:rockwellautomation:1769_compactlogix_l23x_controller_firmware:16.00:*:*:*:*:*:*:*",
"matchCriteriaId": "ED08235F-2897-4307-BA34-5031719EEE87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rockwellautomation:1769_compactlogix_l23x_controller_firmware:17.00:*:*:*:*:*:*:*",
"matchCriteriaId": "A3E3A206-FCEB-4296-A5BA-15207F457B5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rockwellautomation:1769_compactlogix_l23x_controller_firmware:18.00:*:*:*:*:*:*:*",
"matchCriteriaId": "872D3223-3BE9-4BC3-8E9A-0F52C4C719DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rockwellautomation:1769_compactlogix_l23x_controller_firmware:19.00:*:*:*:*:*:*:*",
"matchCriteriaId": "0F265304-853E-4FF1-8395-164A0576C1E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rockwellautomation:1769_compactlogix_l23x_controller_firmware:20.00:*:*:*:*:*:*:*",
"matchCriteriaId": "9FA25A83-9FE3-41BD-88F0-5C09AEE5E0F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rockwellautomation:1769_compactlogix_l23x_controller_firmware:20.010:*:*:*:*:*:*:*",
"matchCriteriaId": "8C067A35-A5E9-4EE9-BA07-2123DFE9D56D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rockwellautomation:1769_compactlogix_l23x_controller_firmware:20.013:*:*:*:*:*:*:*",
"matchCriteriaId": "F917811B-6A16-4674-A4B2-CCF2F086903F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:rockwellautomation:1769_compactlogix_l23x_controller:-:*:*:*:*:*:*:*",
"matchCriteriaId": "156CF47F-E3BC-483B-A5BE-40DAC4FBCCBE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:rockwellautomation:1769_compactlogix_5370_l3_controller_firmware:20.00:*:*:*:*:*:*:*",
"matchCriteriaId": "E3A864B2-C846-4D24-AA57-C7FAB0777B35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rockwellautomation:1769_compactlogix_5370_l3_controller_firmware:20.010:*:*:*:*:*:*:*",
"matchCriteriaId": "68A75275-595D-466F-A6FA-82DB71714CA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rockwellautomation:1769_compactlogix_5370_l3_controller_firmware:20.013:*:*:*:*:*:*:*",
"matchCriteriaId": "64BFD245-6747-4E49-A56E-67A0145E1661",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rockwellautomation:1769_compactlogix_5370_l3_controller_firmware:21.00:*:*:*:*:*:*:*",
"matchCriteriaId": "925424D2-3595-4ECA-974F-3EA2FFCDE003",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:rockwellautomation:1769_compactlogix_5370_l3_controller:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67A5E47C-FC53-463B-B532-9E205B9E3393",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:rockwellautomation:1769_compactlogix_5370_l2_controller_firmware:20.00:*:*:*:*:*:*:*",
"matchCriteriaId": "8043F689-261E-4A94-8EDE-63050A635186",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rockwellautomation:1769_compactlogix_5370_l2_controller_firmware:20.010:*:*:*:*:*:*:*",
"matchCriteriaId": "375B8B2A-A0CF-4822-B641-D6830F82EC41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rockwellautomation:1769_compactlogix_5370_l2_controller_firmware:20.013:*:*:*:*:*:*:*",
"matchCriteriaId": "AD700041-A10D-4D77-9450-AD370F109979",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rockwellautomation:1769_compactlogix_5370_l2_controller_firmware:21.00:*:*:*:*:*:*:*",
"matchCriteriaId": "C2AB490D-A6A1-4B9D-A573-140004696421",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:rockwellautomation:1769_compactlogix_5370_l2_controller:-:*:*:*:*:*:*:*",
"matchCriteriaId": "891A3459-3DB3-4C3A-945A-898092DBCF2C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:rockwellautomation:1769_compactlogix_5370_l1_controller_firmware:20.00:*:*:*:*:*:*:*",
"matchCriteriaId": "8DAE1905-F4DA-4A72-982F-1FF82EAE3F9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rockwellautomation:1769_compactlogix_5370_l1_controller_firmware:20.010:*:*:*:*:*:*:*",
"matchCriteriaId": "CA84CD2A-1039-473F-BAA8-7A187ED3D5EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rockwellautomation:1769_compactlogix_5370_l1_controller_firmware:20.013:*:*:*:*:*:*:*",
"matchCriteriaId": "512FC535-3DE7-4AF2-BAF9-F005EAA04055",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rockwellautomation:1769_compactlogix_5370_l1_controller_firmware:21.00:*:*:*:*:*:*:*",
"matchCriteriaId": "BBD496C3-ED7D-4FA7-A037-0ADCD40F7149",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:rockwellautomation:1769_compactlogix_5370_l1_controller:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B315C5B-6161-42AF-BFA0-846544E84787",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:rockwellautomation:1768_compactlogix_l4x_controller_firmware:16.00:*:*:*:*:*:*:*",
"matchCriteriaId": "5DB40051-9B2F-4DC1-B0B1-583806BD04A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rockwellautomation:1768_compactlogix_l4x_controller_firmware:16.020:*:*:*:*:*:*:*",
"matchCriteriaId": "23CB7ECE-A664-4B5A-B92B-22F0A5575879",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rockwellautomation:1768_compactlogix_l4x_controller_firmware:16.025:*:*:*:*:*:*:*",
"matchCriteriaId": "AF33630D-E9F6-4FB9-A6DC-BF85486063B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rockwellautomation:1768_compactlogix_l4x_controller_firmware:17.00:*:*:*:*:*:*:*",
"matchCriteriaId": "E09B3755-1F61-4516-8BB1-C300E77C1C7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rockwellautomation:1768_compactlogix_l4x_controller_firmware:18.00:*:*:*:*:*:*:*",
"matchCriteriaId": "2873C1E4-735D-4F6E-BE24-CA37D74A78D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rockwellautomation:1768_compactlogix_l4x_controller_firmware:19.00:*:*:*:*:*:*:*",
"matchCriteriaId": "DD836ECC-41B7-4BB9-86EE-FEF4C7AB50A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rockwellautomation:1768_compactlogix_l4x_controller_firmware:20.00:*:*:*:*:*:*:*",
"matchCriteriaId": "5A8E44AA-4DC8-4D89-A2C4-D3F53B639392",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rockwellautomation:1768_compactlogix_l4x_controller_firmware:20.011:*:*:*:*:*:*:*",
"matchCriteriaId": "0EC38504-BEF0-48EC-8135-F5E922B09FFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rockwellautomation:1768_compactlogix_l4x_controller_firmware:20.016:*:*:*:*:*:*:*",
"matchCriteriaId": "5CD852A4-C347-4350-B6B6-D4BD50ECC673",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:rockwellautomation:1768_compactlogix_l4x_controller:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D65D9A11-26E1-44EE-814F-F361E5E3BA9F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:rockwellautomation:1768_compact_guardlogix_l4xs_controller_firmware:18.00:*:*:*:*:*:*:*",
"matchCriteriaId": "3FBA3395-2D59-46E5-B145-09B3CCD17E59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rockwellautomation:1768_compact_guardlogix_l4xs_controller_firmware:19.00:*:*:*:*:*:*:*",
"matchCriteriaId": "E157C9EC-4715-48AE-B770-3906BCE42795",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rockwellautomation:1768_compact_guardlogix_l4xs_controller_firmware:20.00:*:*:*:*:*:*:*",
"matchCriteriaId": "D9890588-8D37-4B5B-8D29-E639B27B164C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rockwellautomation:1768_compact_guardlogix_l4xs_controller_firmware:20.011:*:*:*:*:*:*:*",
"matchCriteriaId": "15685EC8-BDF5-4BDC-888A-E85E8CCA7DF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rockwellautomation:1768_compact_guardlogix_l4xs_controller_firmware:20.013:*:*:*:*:*:*:*",
"matchCriteriaId": "F0ED0CC0-BF83-493F-A675-5F1D42D1F818",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:rockwellautomation:1768_compact_guardlogix_l4xs_controller:-:*:*:*:*:*:*:*",
"matchCriteriaId": "255EBEF7-AA35-42EC-A11F-1F36B9081996",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Rockwell Automation Logix5000 Programmable Automation Controller FRN 16.00 through 21.00 (excluding all firmware versions prior to FRN 16.00, which are not affected). By sending malformed common industrial protocol (CIP) packet, an attacker may be able to overflow a stack-based buffer and execute code on the controller or initiate a nonrecoverable fault resulting in a denial of service."
},
{
"lang": "es",
"value": "Ha sido descubierto un problema en Rockwell Automation Logix5000 Programmable Automation Controller FRN 16.00 a 21.00 (excluyendo todas las versiones de firmware anteriores a FRN 16.00, que no se ven afectadas). Al enviar un paquete de protocolo industrial com\u00fan (CIP) malformado, un atacante puede realizar un desbordamiento de b\u00fafer basado en pila y ejecutar c\u00f3digo en el controlador o iniciar un fallo irrecuperable que da como resultado una denegaci\u00f3n de servicio."
}
],
"id": "CVE-2016-9343",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 10.0,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-02-13T21:59:01.707",
"references": [
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/95304"
},
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-343-05"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/95304"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-343-05"
}
],
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2016-9343 (GCVE-0-2016-9343)
Vulnerability from cvelistv5 – Published: 2017-02-13 21:00 – Updated: 2024-08-06 02:50
VLAI?
Summary
An issue was discovered in Rockwell Automation Logix5000 Programmable Automation Controller FRN 16.00 through 21.00 (excluding all firmware versions prior to FRN 16.00, which are not affected). By sending malformed common industrial protocol (CIP) packet, an attacker may be able to overflow a stack-based buffer and execute code on the controller or initiate a nonrecoverable fault resulting in a denial of service.
Severity ?
No CVSS data available.
CWE
- Rockwell Automation Logix5000 Programmable Automation Controller Buffer Overflow Vulnerability
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Rockwell Automation Logix5000 Programmable Automation Controller FRN 16.00 through 21.00 |
Affected:
Rockwell Automation Logix5000 Programmable Automation Controller FRN 16.00 through 21.00
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:50:38.224Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-343-05"
},
{
"name": "95304",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95304"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Rockwell Automation Logix5000 Programmable Automation Controller FRN 16.00 through 21.00",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Rockwell Automation Logix5000 Programmable Automation Controller FRN 16.00 through 21.00"
}
]
}
],
"datePublic": "2017-02-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Rockwell Automation Logix5000 Programmable Automation Controller FRN 16.00 through 21.00 (excluding all firmware versions prior to FRN 16.00, which are not affected). By sending malformed common industrial protocol (CIP) packet, an attacker may be able to overflow a stack-based buffer and execute code on the controller or initiate a nonrecoverable fault resulting in a denial of service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Rockwell Automation Logix5000 Programmable Automation Controller Buffer Overflow Vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-02-14T10:57:01",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-343-05"
},
{
"name": "95304",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95304"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2016-9343",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Rockwell Automation Logix5000 Programmable Automation Controller FRN 16.00 through 21.00",
"version": {
"version_data": [
{
"version_value": "Rockwell Automation Logix5000 Programmable Automation Controller FRN 16.00 through 21.00"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in Rockwell Automation Logix5000 Programmable Automation Controller FRN 16.00 through 21.00 (excluding all firmware versions prior to FRN 16.00, which are not affected). By sending malformed common industrial protocol (CIP) packet, an attacker may be able to overflow a stack-based buffer and execute code on the controller or initiate a nonrecoverable fault resulting in a denial of service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Rockwell Automation Logix5000 Programmable Automation Controller Buffer Overflow Vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-16-343-05",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-343-05"
},
{
"name": "95304",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95304"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2016-9343",
"datePublished": "2017-02-13T21:00:00",
"dateReserved": "2016-11-16T00:00:00",
"dateUpdated": "2024-08-06T02:50:38.224Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-9343 (GCVE-0-2016-9343)
Vulnerability from nvd – Published: 2017-02-13 21:00 – Updated: 2024-08-06 02:50
VLAI?
Summary
An issue was discovered in Rockwell Automation Logix5000 Programmable Automation Controller FRN 16.00 through 21.00 (excluding all firmware versions prior to FRN 16.00, which are not affected). By sending malformed common industrial protocol (CIP) packet, an attacker may be able to overflow a stack-based buffer and execute code on the controller or initiate a nonrecoverable fault resulting in a denial of service.
Severity ?
No CVSS data available.
CWE
- Rockwell Automation Logix5000 Programmable Automation Controller Buffer Overflow Vulnerability
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Rockwell Automation Logix5000 Programmable Automation Controller FRN 16.00 through 21.00 |
Affected:
Rockwell Automation Logix5000 Programmable Automation Controller FRN 16.00 through 21.00
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:50:38.224Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-343-05"
},
{
"name": "95304",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95304"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Rockwell Automation Logix5000 Programmable Automation Controller FRN 16.00 through 21.00",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Rockwell Automation Logix5000 Programmable Automation Controller FRN 16.00 through 21.00"
}
]
}
],
"datePublic": "2017-02-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Rockwell Automation Logix5000 Programmable Automation Controller FRN 16.00 through 21.00 (excluding all firmware versions prior to FRN 16.00, which are not affected). By sending malformed common industrial protocol (CIP) packet, an attacker may be able to overflow a stack-based buffer and execute code on the controller or initiate a nonrecoverable fault resulting in a denial of service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Rockwell Automation Logix5000 Programmable Automation Controller Buffer Overflow Vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-02-14T10:57:01",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-343-05"
},
{
"name": "95304",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95304"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2016-9343",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Rockwell Automation Logix5000 Programmable Automation Controller FRN 16.00 through 21.00",
"version": {
"version_data": [
{
"version_value": "Rockwell Automation Logix5000 Programmable Automation Controller FRN 16.00 through 21.00"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in Rockwell Automation Logix5000 Programmable Automation Controller FRN 16.00 through 21.00 (excluding all firmware versions prior to FRN 16.00, which are not affected). By sending malformed common industrial protocol (CIP) packet, an attacker may be able to overflow a stack-based buffer and execute code on the controller or initiate a nonrecoverable fault resulting in a denial of service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Rockwell Automation Logix5000 Programmable Automation Controller Buffer Overflow Vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-16-343-05",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-343-05"
},
{
"name": "95304",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95304"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2016-9343",
"datePublished": "2017-02-13T21:00:00",
"dateReserved": "2016-11-16T00:00:00",
"dateUpdated": "2024-08-06T02:50:38.224Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}