Action not permitted
Modal body text goes here.
Modal Title
Modal Body
GHSA-HVF2-XRFV-GR9F
Vulnerability from github – Published: 2023-09-20 18:30 – Updated: 2024-04-04 07:46
VLAI?
Details
A buffer overflow vulnerability exists in the Rockwell Automation select 1756-EN* communication devices. If exploited, a threat actor could potentially leverage this vulnerability to perform a remote code execution. To exploit this vulnerability, a threat actor would have to send a maliciously crafted CIP request to device.
Severity ?
9.8 (Critical)
{
"affected": [],
"aliases": [
"CVE-2023-2262"
],
"database_specific": {
"cwe_ids": [
"CWE-121",
"CWE-787"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-09-20T16:15:12Z",
"severity": "CRITICAL"
},
"details": "\n\n\nA buffer overflow vulnerability exists in the Rockwell Automation select 1756-EN* communication devices. If exploited, a threat actor could potentially leverage this vulnerability to perform a remote code execution. To exploit this vulnerability, a threat actor would have to send a maliciously crafted CIP request to device.\n\n\n\n",
"id": "GHSA-hvf2-xrfv-gr9f",
"modified": "2024-04-04T07:46:19Z",
"published": "2023-09-20T18:30:21Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-2262"
},
{
"type": "WEB",
"url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1140786"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
CVE-2023-2262 (GCVE-0-2023-2262)
Vulnerability from cvelistv5 – Published: 2023-09-20 15:20 – Updated: 2024-09-25 15:44
VLAI?
EPSS
Summary
A buffer overflow vulnerability exists in the Rockwell Automation select 1756-EN* communication devices. If exploited, a threat actor could potentially leverage this vulnerability to perform a remote code execution. To exploit this vulnerability, a threat actor would have to send a maliciously crafted CIP request to device.
Severity ?
9.8 (Critical)
CWE
- CWE-121 - Stack-based Buffer Overflow
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T06:19:14.686Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1140786"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:o:rockwellautomation:1756-en2t_series_a_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:rockwellautomation:1756-en2t_series_b_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:rockwellautomation:1756-en2t_series_c_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:rockwellautomation:1756-en2t_series_d_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:rockwellautomation:1756-en2tk_series_a_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:rockwellautomation:1756-en2tk_series_b_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:rockwellautomation:1756-en2tk_series_c_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:rockwellautomation:1756-en2txt_series_a_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:rockwellautomation:1756-en2txt_series_b_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:rockwellautomation:1756-en2txt_series_c_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:rockwellautomation:1756-en2txt_series_d_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:rockwellautomation:1756-en2tp_series_a_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:rockwellautomation:1756-en2tpk_series_a_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:rockwellautomation:1756-en2tr_series_a_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:rockwellautomation:1756-en2tr_series_b_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:rockwellautomation:1756-en2tr_series_c_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:rockwellautomation:1756-en2trk_series_a_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:rockwellautomation:1756-en2trk_series_b_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:rockwellautomation:1756-en2trk_series_c_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:rockwellautomation:1756-en2trxt_series_a_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:rockwellautomation:1756-en2trxt_series_b_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:rockwellautomation:1756-en2trxt_series_c_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:rockwellautomation:1756-en2f_series_a_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:rockwellautomation:1756-en2f_series_b_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:rockwellautomation:1756-en2f_series_c_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:rockwellautomation:1756-en2fk_series_a_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:rockwellautomation:1756-en2fk_series_b_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:rockwellautomation:1756-en2fk_series_c_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:rockwellautomation:1756-en3tr_series_a_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:rockwellautomation:1756-en3tr_series_b_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:rockwellautomation:1756-en3trk_series_a_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:rockwellautomation:1756-en3trk_series_b_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:rockwellautomation:1756-en2tpxt_series_a_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "1756-en2fk_series_c_firmware",
"vendor": "rockwellautomation",
"versions": [
{
"lessThanOrEqual": "5.028",
"status": "affected",
"version": "5.008",
"versionType": "custom"
},
{
"lessThanOrEqual": "11.0002",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-2262",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-25T14:39:20.985093Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-25T15:44:30.367Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "1756-EN2T Series A, B, C",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "\u003c=5.008 \u0026 5.028"
}
]
},
{
"defaultStatus": "unaffected",
"product": "1756-EN2T Series D",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "\u003c=11.002"
}
]
},
{
"defaultStatus": "unaffected",
"product": "1756-EN2TK Series A, B, C",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "\u003c=5.008 \u0026 5.028"
}
]
},
{
"defaultStatus": "unaffected",
"product": "1756-EN2TXT Series A, B, C",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "\u003c=5.008 \u0026 5.028"
}
]
},
{
"defaultStatus": "unaffected",
"product": "1756-EN2TXT Series D",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "\u003c=11.002"
}
]
},
{
"defaultStatus": "unaffected",
"product": "1756-EN2TP Series A",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "\u003c=11.002"
}
]
},
{
"defaultStatus": "unaffected",
"product": "1756-EN2TPK Series A",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "\u003c=11.002"
}
]
},
{
"defaultStatus": "unaffected",
"product": "1756-EN2TPXT Series A",
"vendor": "Rockwell Auotmation",
"versions": [
{
"status": "affected",
"version": "\u003c=11.002"
}
]
},
{
"defaultStatus": "unaffected",
"product": "1756-EN2TR Series A, B",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "\u003c=5.008 \u0026 5.028"
}
]
},
{
"defaultStatus": "unaffected",
"product": "1756-EN2TR Series C",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "\u003c=11.002"
}
]
},
{
"defaultStatus": "unaffected",
"product": "1756-EN2TRK Series A, B",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "\u003c=5.008 \u0026 5.028"
}
]
},
{
"defaultStatus": "unaffected",
"product": "1756-EN2TRK Series C",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "\u003c=11.002"
}
]
},
{
"defaultStatus": "unaffected",
"product": "1756-EN2TRXT Series A, B",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "\u003c=5.008 \u0026 5.028"
}
]
},
{
"defaultStatus": "unaffected",
"product": "1756-EN2TRXT Series C",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "\u003c=11.002"
}
]
},
{
"defaultStatus": "unaffected",
"product": "1756-EN2F Series A, B",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "\u003c=5.008 \u0026 5.028"
}
]
},
{
"defaultStatus": "unaffected",
"product": "1756-EN2F Series C",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "\u003c=11.002"
}
]
},
{
"defaultStatus": "unaffected",
"product": "1756-EN2FK Series A, B",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "\u003c=5.008 \u0026 5.028"
}
]
},
{
"defaultStatus": "unaffected",
"product": "1756-EN2FK Series C",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "\u003c=11.002"
}
]
},
{
"defaultStatus": "unaffected",
"product": "1756-EN3TR Series A",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "\u003c=5.008 \u0026 5.028"
}
]
},
{
"defaultStatus": "unaffected",
"product": "1756-EN3TR Series B",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "\u003c=11.003"
}
]
},
{
"defaultStatus": "unaffected",
"product": "1756-EN3TRK Series A",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "\u003c=5.008 \u0026 5.028"
}
]
},
{
"defaultStatus": "unaffected",
"product": "1756-EN3TRK Series B",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "\u003c=11.002"
}
]
}
],
"datePublic": "2023-09-12T12:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA buffer overflow vulnerability exists in the Rockwell Automation select 1756-EN* communication devices. If exploited, a threat actor could potentially leverage this vulnerability to perform a remote code execution. To exploit this vulnerability, a threat actor would have to send a maliciously crafted CIP request to device.\u003c/span\u003e\n\n\u003c/span\u003e\n\n"
}
],
"value": "\n\n\nA buffer overflow vulnerability exists in the Rockwell Automation select 1756-EN* communication devices. If exploited, a threat actor could potentially leverage this vulnerability to perform a remote code execution. To exploit this vulnerability, a threat actor would have to send a maliciously crafted CIP request to device.\n\n\n\n"
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121 Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-20T15:47:00.968Z",
"orgId": "b73dd486-f505-4403-b634-40b078b177f0",
"shortName": "Rockwell"
},
"references": [
{
"url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1140786"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cstrong\u003eUpdate firmware.\u003c/strong\u003e\u0026nbsp;Update EN2* ControlLogix communications modules to mitigated firmware.\u003cbr\u003e\u003cul\u003e\u003cli\u003eRestrict traffic to the SMTP port (25), if not needed.\u003c/li\u003e\u003cli\u003eCustomers using the EN2/EN3 versions 10.x and higher can disable the email object, if not needed. Instructions can be found in the \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://literature.rockwellautomation.com/idc/groups/literature/documents/um/enet-um006_-en-p.pdf\"\u003eEtherNet/IP Network Devices User Manual (rockwellautomation.com)\u003c/a\u003e\u003cspan style=\"background-color: var(--wht);\"\u003e, publication ENET-UM006.\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012\"\u003eQA43240 - Recommended Security Guidelines from Rockwell Automation\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e\n\n"
}
],
"value": "Update firmware.\u00a0Update EN2* ControlLogix communications modules to mitigated firmware.\n * Restrict traffic to the SMTP port (25), if not needed.\n * Customers using the EN2/EN3 versions 10.x and higher can disable the email object, if not needed. Instructions can be found in the EtherNet/IP Network Devices User Manual (rockwellautomation.com) https://literature.rockwellautomation.com/idc/groups/literature/documents/um/enet-um006_-en-p.pdf , publication ENET-UM006.\n * QA43240 - Recommended Security Guidelines from Rockwell Automation https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012 \n\n\n\n\n"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Rockwell Automation Select Logix Communication Modules Vulnerable to Email Object Buffer Overflow",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "b73dd486-f505-4403-b634-40b078b177f0",
"assignerShortName": "Rockwell",
"cveId": "CVE-2023-2262",
"datePublished": "2023-09-20T15:20:23.700Z",
"dateReserved": "2023-04-24T21:35:54.200Z",
"dateUpdated": "2024-09-25T15:44:30.367Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…