icsa-23-193-01
Vulnerability from csaf_cisa
Published
2023-07-12 06:00
Modified
2023-07-12 06:00
Summary
Rockwell Automation Select Communication Modules
Notes
CISA Disclaimer
This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Risk evaluation
Successful exploitation of these vulnerabilities could allow malicious actors to gain remote access of the running memory of the module and perform malicious activity.
Critical infrastructure sectors
Critical Manufacturing
Countries/areas deployed
Worldwide
Company headquarters location
United States
Recommended Practices
CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
Recommended Practices
CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov/ics. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.
Recommended Practices
Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov/ics in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Recommended Practices
Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.
Recommended Practices
No known public exploits specifically target these vulnerabilities.
{
"document": {
"acknowledgments": [
{
"organization": "Rockwell Automation",
"summary": "reporting these vulnerabilities to CISA"
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE",
"url": "https://us-cert.cisa.gov/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
"title": "CISA Disclaimer"
},
{
"category": "legal_disclaimer",
"text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
"title": "Legal Notice"
},
{
"category": "summary",
"text": "Successful exploitation of these vulnerabilities could allow malicious actors to gain remote access of the running memory of the module and perform malicious activity. ",
"title": "Risk evaluation"
},
{
"category": "other",
"text": "Critical Manufacturing",
"title": "Critical infrastructure sectors"
},
{
"category": "other",
"text": "Worldwide",
"title": "Countries/areas deployed"
},
{
"category": "other",
"text": "United States",
"title": "Company headquarters location"
},
{
"category": "general",
"text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov/ics. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov/ics in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "No known public exploits specifically target these vulnerabilities.",
"title": "Recommended Practices"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "self",
"summary": "ICS Advisory ICSA-23-193-01 JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2023/icsa-23-193-01.json"
},
{
"category": "self",
"summary": "ICSA Advisory ICSA-23-193-01 - Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-193-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/topics/industrial-control-systems"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B"
}
],
"title": "Rockwell Automation Select Communication Modules",
"tracking": {
"current_release_date": "2023-07-12T06:00:00.000000Z",
"generator": {
"engine": {
"name": "CISA CSAF Generator",
"version": "1.0.0"
}
},
"id": "ICSA-23-193-01",
"initial_release_date": "2023-07-12T06:00:00.000000Z",
"revision_history": [
{
"date": "2023-07-12T06:00:00.000000Z",
"legacy_version": "Initial",
"number": "1",
"summary": "Initial Publication"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c= 5.008",
"product": {
"name": "1756-EN2T Series A: \u003c= 5.008",
"product_id": "CSAFPID-0001"
}
}
],
"category": "product_name",
"name": "1756-EN2T Series A"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c= 5.028",
"product": {
"name": "1756-EN2T Series A: \u003c= 5.028",
"product_id": "CSAFPID-0002"
}
}
],
"category": "product_name",
"name": "1756-EN2T Series A"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c= 5.008",
"product": {
"name": "1756-EN2T Series B: \u003c= 5.008",
"product_id": "CSAFPID-0003"
}
}
],
"category": "product_name",
"name": "1756-EN2T Series B"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c= 5.028",
"product": {
"name": "1756-EN2T Series B: \u003c= 5.028",
"product_id": "CSAFPID-0004"
}
}
],
"category": "product_name",
"name": "1756-EN2T Series B"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c= 5.008",
"product": {
"name": "1756-EN2T Series C: \u003c= 5.008",
"product_id": "CSAFPID-0005"
}
}
],
"category": "product_name",
"name": "1756-EN2T Series C"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c= 5.028",
"product": {
"name": "1756-EN2T Series C: \u003c= 5.028",
"product_id": "CSAFPID-0006"
}
}
],
"category": "product_name",
"name": "1756-EN2T Series C"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c= 11.003",
"product": {
"name": "1756-EN2T Series D: \u003c= 11.003",
"product_id": "CSAFPID-0007"
}
}
],
"category": "product_name",
"name": "1756-EN2T Series D"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c= 5.008",
"product": {
"name": "1756-EN2TK Series A: \u003c= 5.008",
"product_id": "CSAFPID-0008"
}
}
],
"category": "product_name",
"name": "1756-EN2TK Series A"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c= 5.028",
"product": {
"name": "1756-EN2TK Series A: \u003c= 5.028",
"product_id": "CSAFPID-0009"
}
}
],
"category": "product_name",
"name": "1756-EN2TK Series A"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c= 5.008",
"product": {
"name": "1756-EN2TK Series B: \u003c= 5.008",
"product_id": "CSAFPID-0010"
}
}
],
"category": "product_name",
"name": "1756-EN2TK Series B"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c= 5.028",
"product": {
"name": "1756-EN2TK Series B: \u003c= 5.028",
"product_id": "CSAFPID-0011"
}
}
],
"category": "product_name",
"name": "1756-EN2TK Series B"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c= 5.008",
"product": {
"name": "1756-EN2TK Series C: \u003c= 5.008",
"product_id": "CSAFPID-0012"
}
}
],
"category": "product_name",
"name": "1756-EN2TK Series C"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c= 5.028",
"product": {
"name": "1756-EN2TK Series C: \u003c= 5.028",
"product_id": "CSAFPID-0013"
}
}
],
"category": "product_name",
"name": "1756-EN2TK Series C"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c= 11.003",
"product": {
"name": "1756-EN2TK Series D: \u003c= 11.003",
"product_id": "CSAFPID-0014"
}
}
],
"category": "product_name",
"name": "1756-EN2TK Series D"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c= 5.008",
"product": {
"name": "1756-EN2TXT Series A: \u003c= 5.008",
"product_id": "CSAFPID-0015"
}
}
],
"category": "product_name",
"name": "1756-EN2TXT Series A"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c= 5.028",
"product": {
"name": "1756-EN2TXT Series A: \u003c= 5.028",
"product_id": "CSAFPID-0016"
}
}
],
"category": "product_name",
"name": "1756-EN2TXT Series A"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c= 5.008",
"product": {
"name": "1756-EN2TXT Series B: \u003c= 5.008",
"product_id": "CSAFPID-0017"
}
}
],
"category": "product_name",
"name": "1756-EN2TXT Series B"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c= 5.028",
"product": {
"name": "1756-EN2TXT Series B: \u003c= 5.028",
"product_id": "CSAFPID-0018"
}
}
],
"category": "product_name",
"name": "1756-EN2TXT Series B"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c= 5.008",
"product": {
"name": "1756-EN2TXT Series C: \u003c= 5.008",
"product_id": "CSAFPID-0019"
}
}
],
"category": "product_name",
"name": "1756-EN2TXT Series C"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c= 5.028",
"product": {
"name": "1756-EN2TXT Series C: \u003c= 5.028",
"product_id": "CSAFPID-0020"
}
}
],
"category": "product_name",
"name": "1756-EN2TXT Series C"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c= 11.003",
"product": {
"name": "1756-EN2TXT Series D: \u003c= 11.003",
"product_id": "CSAFPID-0021"
}
}
],
"category": "product_name",
"name": "1756-EN2TXT Series D"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c= 11.003",
"product": {
"name": "1756-EN2TP Series A: \u003c= 11.003",
"product_id": "CSAFPID-0022"
}
}
],
"category": "product_name",
"name": "1756-EN2TP Series A"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c= 11.003",
"product": {
"name": "1756-EN2TPK Series A: \u003c= 11.003",
"product_id": "CSAFPID-0023"
}
}
],
"category": "product_name",
"name": "1756-EN2TPK Series A"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c= 11.003",
"product": {
"name": "1756-EN2TPXT Series A: \u003c= 11.003",
"product_id": "CSAFPID-0024"
}
}
],
"category": "product_name",
"name": "1756-EN2TPXT Series A"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c= 5.008",
"product": {
"name": "1756-EN2TR Series A: \u003c= 5.008",
"product_id": "CSAFPID-0025"
}
}
],
"category": "product_name",
"name": "1756-EN2TR Series A"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c= 5.028",
"product": {
"name": "1756-EN2TR Series A: \u003c= 5.028",
"product_id": "CSAFPID-0026"
}
}
],
"category": "product_name",
"name": "1756-EN2TR Series A"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c= 5.008",
"product": {
"name": "1756-EN2TR Series B: \u003c= 5.008",
"product_id": "CSAFPID-0027"
}
}
],
"category": "product_name",
"name": "1756-EN2TR Series B"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c= 5.028",
"product": {
"name": "1756-EN2TR Series B: \u003c= 5.028",
"product_id": "CSAFPID-0028"
}
}
],
"category": "product_name",
"name": "1756-EN2TR Series B"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c= 11.003",
"product": {
"name": "1756-EN2TR Series C: \u003c= 11.003",
"product_id": "CSAFPID-0029"
}
}
],
"category": "product_name",
"name": "1756-EN2TR Series C"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c= 5.008",
"product": {
"name": "1756-EN2TRK Series A: \u003c= 5.008",
"product_id": "CSAFPID-0030"
}
}
],
"category": "product_name",
"name": "1756-EN2TRK Series A"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c= 5.028",
"product": {
"name": "1756-EN2TRK Series A: \u003c= 5.028",
"product_id": "CSAFPID-0031"
}
}
],
"category": "product_name",
"name": "1756-EN2TRK Series A"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c= 5.008",
"product": {
"name": "1756-EN2TRK Series B: \u003c= 5.008",
"product_id": "CSAFPID-0032"
}
}
],
"category": "product_name",
"name": "1756-EN2TRK Series B"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c= 5.028",
"product": {
"name": "1756-EN2TRK Series B: \u003c= 5.028",
"product_id": "CSAFPID-0033"
}
}
],
"category": "product_name",
"name": "1756-EN2TRK Series B"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c= 11.003",
"product": {
"name": "1756-EN2TRK Series C: \u003c= 11.003",
"product_id": "CSAFPID-0034"
}
}
],
"category": "product_name",
"name": "1756-EN2TRK Series C"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c= 5.008",
"product": {
"name": "1756-EN2TRXT Series A: \u003c= 5.008",
"product_id": "CSAFPID-0035"
}
}
],
"category": "product_name",
"name": "1756-EN2TRXT Series A"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c= 5.028",
"product": {
"name": "1756-EN2TRXT Series A: \u003c= 5.028",
"product_id": "CSAFPID-0036"
}
}
],
"category": "product_name",
"name": "1756-EN2TRXT Series A"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c= 5.008",
"product": {
"name": "1756-EN2TRXT Series B: \u003c= 5.008",
"product_id": "CSAFPID-0037"
}
}
],
"category": "product_name",
"name": "1756-EN2TRXT Series B"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c= 5.028",
"product": {
"name": "1756-EN2TRXT Series B: \u003c= 5.028",
"product_id": "CSAFPID-0038"
}
}
],
"category": "product_name",
"name": "1756-EN2TRXT Series B"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c= 11.003",
"product": {
"name": "1756-EN2TRXT Series C: \u003c= 11.003",
"product_id": "CSAFPID-0039"
}
}
],
"category": "product_name",
"name": "1756-EN2TRXT Series C"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c= 5.008",
"product": {
"name": "1756-EN2F Series A: \u003c= 5.008",
"product_id": "CSAFPID-0040"
}
}
],
"category": "product_name",
"name": "1756-EN2F Series A"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c= 5.028",
"product": {
"name": "1756-EN2F Series A: \u003c= 5.028",
"product_id": "CSAFPID-0041"
}
}
],
"category": "product_name",
"name": "1756-EN2F Series A"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c= 5.008",
"product": {
"name": "1756-EN2F Series B: \u003c= 5.008",
"product_id": "CSAFPID-0042"
}
}
],
"category": "product_name",
"name": "1756-EN2F Series B"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c= 5.028",
"product": {
"name": "1756-EN2F Series B: \u003c= 5.028",
"product_id": "CSAFPID-0043"
}
}
],
"category": "product_name",
"name": "1756-EN2F Series B"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c= 11.003",
"product": {
"name": "1756-EN2F Series C: \u003c= 11.003",
"product_id": "CSAFPID-0044"
}
}
],
"category": "product_name",
"name": "1756-EN2F Series C"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c= 5.008",
"product": {
"name": "1756-EN2FK Series A: \u003c= 5.008",
"product_id": "CSAFPID-0045"
}
}
],
"category": "product_name",
"name": "1756-EN2FK Series A"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c= 5.028",
"product": {
"name": "1756-EN2FK Series A: \u003c= 5.028",
"product_id": "CSAFPID-0046"
}
}
],
"category": "product_name",
"name": "1756-EN2FK Series A"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c= 5.008",
"product": {
"name": "1756-EN2FK Series B: \u003c= 5.008",
"product_id": "CSAFPID-0047"
}
}
],
"category": "product_name",
"name": "1756-EN2FK Series B"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c= 5.028",
"product": {
"name": "1756-EN2FK Series B: \u003c= 5.028",
"product_id": "CSAFPID-0048"
}
}
],
"category": "product_name",
"name": "1756-EN2FK Series B"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c= 11.003",
"product": {
"name": "1756-EN2FK Series C: \u003c= 11.003",
"product_id": "CSAFPID-0049"
}
}
],
"category": "product_name",
"name": "1756-EN2FK Series C"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c= 5.008",
"product": {
"name": "1756-EN3TR Series A: \u003c= 5.008",
"product_id": "CSAFPID-0050"
}
}
],
"category": "product_name",
"name": "1756-EN3TR Series A"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c= 5.028",
"product": {
"name": "1756-EN3TR Series A: \u003c= 5.028",
"product_id": "CSAFPID-0051"
}
}
],
"category": "product_name",
"name": "1756-EN3TR Series A"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c= 11.003",
"product": {
"name": "1756-EN3TR Series B: \u003c= 11.003",
"product_id": "CSAFPID-0052"
}
}
],
"category": "product_name",
"name": "1756-EN3TR Series B"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c= 5.008",
"product": {
"name": "1756-EN3TRK Series A: \u003c= 5.008",
"product_id": "CSAFPID-0053"
}
}
],
"category": "product_name",
"name": "1756-EN3TRK Series A"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c= 5.028",
"product": {
"name": "1756-EN3TRK Series A: \u003c= 5.028",
"product_id": "CSAFPID-0054"
}
}
],
"category": "product_name",
"name": "1756-EN3TRK Series A"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c= 11.003",
"product": {
"name": "1756-EN3TRK Series B: \u003c= 11.003",
"product_id": "CSAFPID-0055"
}
}
],
"category": "product_name",
"name": "1756-EN3TRK Series B"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c= 5.001",
"product": {
"name": "1756-EN4TR Series A: \u003c= 5.001",
"product_id": "CSAFPID-0056"
}
}
],
"category": "product_name",
"name": "1756-EN4TR Series A"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c= 5.001",
"product": {
"name": "1756-EN4TRK Series A: \u003c= 5.001",
"product_id": "CSAFPID-0057"
}
}
],
"category": "product_name",
"name": "1756-EN4TRK Series A"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c= 5.001",
"product": {
"name": "1756-EN4TRXT Series A: \u003c= 5.001",
"product_id": "CSAFPID-0058"
}
}
],
"category": "product_name",
"name": "1756-EN4TRXT Series A"
}
],
"category": "vendor",
"name": "Rockwell Automation "
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-3595",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "Where this vulnerability exists in the 1756 EN2* and 1756 EN3* products, it could allow a malicious user to perform remote code execution with persistence on the target system through maliciously crafted CIP messages. This includes the ability to modify, deny, and exfiltrate data passing through the device. ",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057",
"CSAFPID-0058"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3595"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Rockwell Automation has released the following versions to fix these vulnerabilities and can be addressed by performing a standard firmware update. Customers are strongly encouraged to implement the risk mitigations provided below and to the extent possible, to combine these with the security best practices to employ multiple strategies simultaneously.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057",
"CSAFPID-0058"
],
"url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight"
},
{
"category": "vendor_fix",
"details": "1756-EN2T Series A: Update to 5.029 or later signed versions (**recommended). Update to 5.009 for unsigned versions",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "vendor_fix",
"details": "1756-EN2T Series B: Update to 5.029 or later signed versions (**recommended). Update to 5.009 for unsigned versions",
"product_ids": [
"CSAFPID-0003",
"CSAFPID-0004"
]
},
{
"category": "vendor_fix",
"details": "1756-EN2T Series C: Update to 5.029 or later signed versions (**recommended). Update to 5.009 for unsigned versions",
"product_ids": [
"CSAFPID-0005",
"CSAFPID-0006"
]
},
{
"category": "vendor_fix",
"details": "1756-EN2T Series D: Update to 11.004 or later",
"product_ids": [
"CSAFPID-0007"
]
},
{
"category": "vendor_fix",
"details": "1756-EN2TK Series A: Update to 5.029 or later signed versions (**recommended). Update to 5.009 for unsigned versions",
"product_ids": [
"CSAFPID-0008",
"CSAFPID-0009"
]
},
{
"category": "vendor_fix",
"details": "1756-EN2TK Series B: Update to 5.029 or later signed versions (**recommended). Update to 5.009 for unsigned versions",
"product_ids": [
"CSAFPID-0010",
"CSAFPID-0011"
]
},
{
"category": "vendor_fix",
"details": "1756-EN2TK Series C: Update to 5.029 or later signed versions (**recommended). Update to 5.009 for unsigned versions",
"product_ids": [
"CSAFPID-0012",
"CSAFPID-0013"
]
},
{
"category": "vendor_fix",
"details": "1756-EN2TK Series D: Update to 11.004 or later",
"product_ids": [
"CSAFPID-0014"
]
},
{
"category": "vendor_fix",
"details": "1756-EN2TXT Series A: Update to 5.029 or later signed versions (**recommended). Update to 5.009 for unsigned versions",
"product_ids": [
"CSAFPID-0015",
"CSAFPID-0016"
]
},
{
"category": "vendor_fix",
"details": "1756-EN2TXT Series B: Update to 5.029 or later signed versions (**recommended). Update to 5.009 for unsigned versions",
"product_ids": [
"CSAFPID-0017",
"CSAFPID-0018"
]
},
{
"category": "vendor_fix",
"details": "1756-EN2TXT Series C: Update to 5.029 or later signed versions (**recommended). Update to 5.009 for unsigned versions",
"product_ids": [
"CSAFPID-0019",
"CSAFPID-0020"
]
},
{
"category": "vendor_fix",
"details": "1756-EN2TXT Series D: Update to 11.004 or later",
"product_ids": [
"CSAFPID-0021"
]
},
{
"category": "vendor_fix",
"details": "1756-EN2TP Series A: Update to 11.004 or later",
"product_ids": [
"CSAFPID-0022"
]
},
{
"category": "vendor_fix",
"details": "1756-EN2TPK Series A: Update to 11.004 or later",
"product_ids": [
"CSAFPID-0023"
]
},
{
"category": "vendor_fix",
"details": "1756-EN2TPXT Series A: Update to 11.004 or later",
"product_ids": [
"CSAFPID-0024"
]
},
{
"category": "vendor_fix",
"details": "1756-EN2TR Series A: Update to 5.029 or later for signed versions (**recommended). Update to 5.009 for unsigned versions",
"product_ids": [
"CSAFPID-0025",
"CSAFPID-0026"
]
},
{
"category": "vendor_fix",
"details": "1756-EN2TR Series B: Update to 5.029 or later for signed versions (**recommended). Update to 5.009 for unsigned versions",
"product_ids": [
"CSAFPID-0027",
"CSAFPID-0028"
]
},
{
"category": "vendor_fix",
"details": "1756-EN2TR Series C: Update to 11.004 or later",
"product_ids": [
"CSAFPID-0029"
]
},
{
"category": "vendor_fix",
"details": "1756-EN2TRK Series A: Update to 5.029 or later for signed versions (**recommended). Update to 5.009 for unsigned versions",
"product_ids": [
"CSAFPID-0030",
"CSAFPID-0031"
]
},
{
"category": "vendor_fix",
"details": "1756-EN2TRK Series B: Update to 5.029 or later for signed versions (**recommended). Update to 5.009 for unsigned versions",
"product_ids": [
"CSAFPID-0032",
"CSAFPID-0033"
]
},
{
"category": "vendor_fix",
"details": "1756-EN2TRK Series C: Update to 11.004 or later",
"product_ids": [
"CSAFPID-0034"
]
},
{
"category": "vendor_fix",
"details": "1756-EN2TRXT Series A: Update to 5.029 or later for signed versions (**recommended). Update to 5.009 for unsigned versions",
"product_ids": [
"CSAFPID-0035",
"CSAFPID-0036"
]
},
{
"category": "vendor_fix",
"details": "1756-EN2TRXT Series B: Update to 5.029 or later for signed versions (**recommended). Update to 5.009 for unsigned versions",
"product_ids": [
"CSAFPID-0037",
"CSAFPID-0038"
]
},
{
"category": "vendor_fix",
"details": "1756-EN2TRXT Series C: Update to 11.004 or later",
"product_ids": [
"CSAFPID-0039"
]
},
{
"category": "vendor_fix",
"details": "1756-EN2F Series A: Update to 5.029 or later for signed versions (**recommended). Update to 5.009 for unsigned versions",
"product_ids": [
"CSAFPID-0040",
"CSAFPID-0041"
]
},
{
"category": "vendor_fix",
"details": "1756-EN2F Series B: Update to 5.029 or later for signed versions (**recommended). Update to 5.009 for unsigned versions",
"product_ids": [
"CSAFPID-0042",
"CSAFPID-0043"
]
},
{
"category": "vendor_fix",
"details": "1756-EN2F Series C: Update to 11.004 or later",
"product_ids": [
"CSAFPID-0044"
]
},
{
"category": "vendor_fix",
"details": "1756-EN2FK Series A: Update to 5.029 or later for signed versions (**recommended). Update to 5.009 for unsigned versions",
"product_ids": [
"CSAFPID-0045",
"CSAFPID-0046"
]
},
{
"category": "vendor_fix",
"details": "1756-EN2FK Series B: Update to 5.029 or later for signed versions (**recommended). Update to 5.009 for unsigned versions",
"product_ids": [
"CSAFPID-0047",
"CSAFPID-0048"
]
},
{
"category": "vendor_fix",
"details": "1756-EN2FK Series C: Update to 11.004 or later",
"product_ids": [
"CSAFPID-0049"
]
},
{
"category": "vendor_fix",
"details": "1756-EN3TR Series A: Update to 5.029 or later for signed versions (**recommended). Update to 5.009 for unsigned versions",
"product_ids": [
"CSAFPID-0050",
"CSAFPID-0051"
]
},
{
"category": "vendor_fix",
"details": "1756-EN3TR Series B: Update to 11.004 or later",
"product_ids": [
"CSAFPID-0052"
]
},
{
"category": "vendor_fix",
"details": "1756-EN3TRK Series A: Update to 5.029 or later for signed versions (**recommended). Update to 5.009 for unsigned versions",
"product_ids": [
"CSAFPID-0053",
"CSAFPID-0054"
]
},
{
"category": "vendor_fix",
"details": "1756-EN3TRK Series B: Update to 11.004 or later",
"product_ids": [
"CSAFPID-0055"
]
},
{
"category": "vendor_fix",
"details": "1756-EN4TR Series A: Update to 5.002 or later",
"product_ids": [
"CSAFPID-0056"
]
},
{
"category": "vendor_fix",
"details": "1756-EN4TRK Series A: Update to 5.002 or later",
"product_ids": [
"CSAFPID-0057"
]
},
{
"category": "vendor_fix",
"details": "1756-EN4TRXT Series A: Update to 5.002 or later",
"product_ids": [
"CSAFPID-0058"
]
},
{
"category": "mitigation",
"details": "** Rockwell Automation strongly recommends updating to signed firmware if possible. Once the module is updated to signed firmware (example 5.008 to 5.0029), it is not possible to revert to unsigned firmware versions.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057",
"CSAFPID-0058"
]
},
{
"category": "mitigation",
"details": "Organizations should take the following actions to further secure ControlLogix communications modules from exploitation:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057",
"CSAFPID-0058"
]
},
{
"category": "mitigation",
"details": "Update firmware. Update EN2 * ControlLogix communications modules to firmware revision 11.004 and update EN4 * ControlLogix communications modules to firmware revision 5.002.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057",
"CSAFPID-0058"
]
},
{
"category": "mitigation",
"details": "Properly segment networks. Given a cyber actor would require network connectivity to the communication module to exploit the vulnerability, organizations should ensure ICS/SCADA networks are properly segmented within the process structure as well as from the Internet and other non-essential networks.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057",
"CSAFPID-0058"
]
},
{
"category": "mitigation",
"details": "Implement detection signatures. Use appended Snort signatures to monitor and detect anomalous Common Industrial Protocol (CIP) packets to Rockwell Automation devices.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057",
"CSAFPID-0058"
]
},
{
"category": "mitigation",
"details": "For more information and to see Rockwell\u0027s detection rules, see Rockwell Automation\u0027s Security Advisory.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057",
"CSAFPID-0058"
],
"url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1140010"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057",
"CSAFPID-0058"
]
}
]
},
{
"cve": "CVE-2023-3596",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "Where this vulnerability exists in the 1756-EN4* products, it could allow a malicious user to cause a denial-of-service condition by asserting the target system through maliciously crafted CIP messages. ",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057",
"CSAFPID-0058"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3596"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Rockwell Automation has released the following versions to fix these vulnerabilities and can be addressed by performing a standard firmware update. Customers are strongly encouraged to implement the risk mitigations provided below and to the extent possible, to combine these with the security best practices to employ multiple strategies simultaneously.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057",
"CSAFPID-0058"
],
"url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight"
},
{
"category": "vendor_fix",
"details": "1756-EN2T Series A: Update to 5.029 or later signed versions (**recommended). Update to 5.009 for unsigned versions",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "vendor_fix",
"details": "1756-EN2T Series B: Update to 5.029 or later signed versions (**recommended). Update to 5.009 for unsigned versions",
"product_ids": [
"CSAFPID-0003",
"CSAFPID-0004"
]
},
{
"category": "vendor_fix",
"details": "1756-EN2T Series C: Update to 5.029 or later signed versions (**recommended). Update to 5.009 for unsigned versions",
"product_ids": [
"CSAFPID-0005",
"CSAFPID-0006"
]
},
{
"category": "vendor_fix",
"details": "1756-EN2T Series D: Update to 11.004 or later",
"product_ids": [
"CSAFPID-0007"
]
},
{
"category": "vendor_fix",
"details": "1756-EN2TK Series A: Update to 5.029 or later signed versions (**recommended). Update to 5.009 for unsigned versions",
"product_ids": [
"CSAFPID-0008",
"CSAFPID-0009"
]
},
{
"category": "vendor_fix",
"details": "1756-EN2TK Series B: Update to 5.029 or later signed versions (**recommended). Update to 5.009 for unsigned versions",
"product_ids": [
"CSAFPID-0010",
"CSAFPID-0011"
]
},
{
"category": "vendor_fix",
"details": "1756-EN2TK Series C: Update to 5.029 or later signed versions (**recommended). Update to 5.009 for unsigned versions",
"product_ids": [
"CSAFPID-0012",
"CSAFPID-0013"
]
},
{
"category": "vendor_fix",
"details": "1756-EN2TK Series D: Update to 11.004 or later",
"product_ids": [
"CSAFPID-0014"
]
},
{
"category": "vendor_fix",
"details": "1756-EN2TXT Series A: Update to 5.029 or later signed versions (**recommended). Update to 5.009 for unsigned versions",
"product_ids": [
"CSAFPID-0015",
"CSAFPID-0016"
]
},
{
"category": "vendor_fix",
"details": "1756-EN2TXT Series B: Update to 5.029 or later signed versions (**recommended). Update to 5.009 for unsigned versions",
"product_ids": [
"CSAFPID-0017",
"CSAFPID-0018"
]
},
{
"category": "vendor_fix",
"details": "1756-EN2TXT Series C: Update to 5.029 or later signed versions (**recommended). Update to 5.009 for unsigned versions",
"product_ids": [
"CSAFPID-0019",
"CSAFPID-0020"
]
},
{
"category": "vendor_fix",
"details": "1756-EN2TXT Series D: Update to 11.004 or later",
"product_ids": [
"CSAFPID-0021"
]
},
{
"category": "vendor_fix",
"details": "1756-EN2TP Series A: Update to 11.004 or later",
"product_ids": [
"CSAFPID-0022"
]
},
{
"category": "vendor_fix",
"details": "1756-EN2TPK Series A: Update to 11.004 or later",
"product_ids": [
"CSAFPID-0023"
]
},
{
"category": "vendor_fix",
"details": "1756-EN2TPXT Series A: Update to 11.004 or later",
"product_ids": [
"CSAFPID-0024"
]
},
{
"category": "vendor_fix",
"details": "1756-EN2TR Series A: Update to 5.029 or later for signed versions (**recommended). Update to 5.009 for unsigned versions",
"product_ids": [
"CSAFPID-0025",
"CSAFPID-0026"
]
},
{
"category": "vendor_fix",
"details": "1756-EN2TR Series B: Update to 5.029 or later for signed versions (**recommended). Update to 5.009 for unsigned versions",
"product_ids": [
"CSAFPID-0027",
"CSAFPID-0028"
]
},
{
"category": "vendor_fix",
"details": "1756-EN2TR Series C: Update to 11.004 or later",
"product_ids": [
"CSAFPID-0029"
]
},
{
"category": "vendor_fix",
"details": "1756-EN2TRK Series A: Update to 5.029 or later for signed versions (**recommended). Update to 5.009 for unsigned versions",
"product_ids": [
"CSAFPID-0030",
"CSAFPID-0031"
]
},
{
"category": "vendor_fix",
"details": "1756-EN2TRK Series B: Update to 5.029 or later for signed versions (**recommended). Update to 5.009 for unsigned versions",
"product_ids": [
"CSAFPID-0032",
"CSAFPID-0033"
]
},
{
"category": "vendor_fix",
"details": "1756-EN2TRK Series C: Update to 11.004 or later",
"product_ids": [
"CSAFPID-0034"
]
},
{
"category": "vendor_fix",
"details": "1756-EN2TRXT Series A: Update to 5.029 or later for signed versions (**recommended). Update to 5.009 for unsigned versions",
"product_ids": [
"CSAFPID-0035",
"CSAFPID-0036"
]
},
{
"category": "vendor_fix",
"details": "1756-EN2TRXT Series B: Update to 5.029 or later for signed versions (**recommended). Update to 5.009 for unsigned versions",
"product_ids": [
"CSAFPID-0037",
"CSAFPID-0038"
]
},
{
"category": "vendor_fix",
"details": "1756-EN2TRXT Series C: Update to 11.004 or later",
"product_ids": [
"CSAFPID-0039"
]
},
{
"category": "vendor_fix",
"details": "1756-EN2F Series A: Update to 5.029 or later for signed versions (**recommended). Update to 5.009 for unsigned versions",
"product_ids": [
"CSAFPID-0040",
"CSAFPID-0041"
]
},
{
"category": "vendor_fix",
"details": "1756-EN2F Series B: Update to 5.029 or later for signed versions (**recommended). Update to 5.009 for unsigned versions",
"product_ids": [
"CSAFPID-0042",
"CSAFPID-0043"
]
},
{
"category": "vendor_fix",
"details": "1756-EN2F Series C: Update to 11.004 or later",
"product_ids": [
"CSAFPID-0044"
]
},
{
"category": "vendor_fix",
"details": "1756-EN2FK Series A: Update to 5.029 or later for signed versions (**recommended). Update to 5.009 for unsigned versions",
"product_ids": [
"CSAFPID-0045",
"CSAFPID-0046"
]
},
{
"category": "vendor_fix",
"details": "1756-EN2FK Series B: Update to 5.029 or later for signed versions (**recommended). Update to 5.009 for unsigned versions",
"product_ids": [
"CSAFPID-0047",
"CSAFPID-0048"
]
},
{
"category": "vendor_fix",
"details": "1756-EN2FK Series C: Update to 11.004 or later",
"product_ids": [
"CSAFPID-0049"
]
},
{
"category": "vendor_fix",
"details": "1756-EN3TR Series A: Update to 5.029 or later for signed versions (**recommended). Update to 5.009 for unsigned versions",
"product_ids": [
"CSAFPID-0050",
"CSAFPID-0051"
]
},
{
"category": "vendor_fix",
"details": "1756-EN3TR Series B: Update to 11.004 or later",
"product_ids": [
"CSAFPID-0052"
]
},
{
"category": "vendor_fix",
"details": "1756-EN3TRK Series A: Update to 5.029 or later for signed versions (**recommended). Update to 5.009 for unsigned versions",
"product_ids": [
"CSAFPID-0053",
"CSAFPID-0054"
]
},
{
"category": "vendor_fix",
"details": "1756-EN3TRK Series B: Update to 11.004 or later",
"product_ids": [
"CSAFPID-0055"
]
},
{
"category": "vendor_fix",
"details": "1756-EN4TR Series A: Update to 5.002 or later",
"product_ids": [
"CSAFPID-0056"
]
},
{
"category": "vendor_fix",
"details": "1756-EN4TRK Series A: Update to 5.002 or later",
"product_ids": [
"CSAFPID-0057"
]
},
{
"category": "vendor_fix",
"details": "1756-EN4TRXT Series A: Update to 5.002 or later",
"product_ids": [
"CSAFPID-0058"
]
},
{
"category": "mitigation",
"details": "** Rockwell Automation strongly recommends updating to signed firmware if possible. Once the module is updated to signed firmware (example 5.008 to 5.0029), it is not possible to revert to unsigned firmware versions.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057",
"CSAFPID-0058"
]
},
{
"category": "mitigation",
"details": "Organizations should take the following actions to further secure ControlLogix communications modules from exploitation:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057",
"CSAFPID-0058"
]
},
{
"category": "mitigation",
"details": "Update firmware. Update EN2 * ControlLogix communications modules to firmware revision 11.004 and update EN4 * ControlLogix communications modules to firmware revision 5.002.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057",
"CSAFPID-0058"
]
},
{
"category": "mitigation",
"details": "Properly segment networks. Given a cyber actor would require network connectivity to the communication module to exploit the vulnerability, organizations should ensure ICS/SCADA networks are properly segmented within the process structure as well as from the Internet and other non-essential networks.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057",
"CSAFPID-0058"
]
},
{
"category": "mitigation",
"details": "Implement detection signatures. Use appended Snort signatures to monitor and detect anomalous Common Industrial Protocol (CIP) packets to Rockwell Automation devices.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057",
"CSAFPID-0058"
]
},
{
"category": "mitigation",
"details": "For more information and to see Rockwell\u0027s detection rules, see Rockwell Automation\u0027s Security Advisory.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057",
"CSAFPID-0058"
],
"url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1140010"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057",
"CSAFPID-0058"
]
}
]
}
]
}
Loading...
Loading...
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.