Vulnerabilities > CVE-2016-9343 - Out-of-bounds Write vulnerability in Rockwellautomation products

CVSS 10.0 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

rockwellautomation

CWE-787

critical

NVD

Published: 2017-02-13

Updated: 2022-02-03

Summary

An issue was discovered in Rockwell Automation Logix5000 Programmable Automation Controller FRN 16.00 through 21.00 (excluding all firmware versions prior to FRN 16.00, which are not affected). By sending malformed common industrial protocol (CIP) packet, an attacker may be able to overflow a stack-based buffer and execute code on the controller or initiate a nonrecoverable fault resulting in a denial of service.

Vulnerable Configurations

Part	Description	Count
OS	Rockwellautomation Rockwellautomation Softlogix 5800 Controller Firmware 18.00 Rockwellautomation Softlogix 5800 Controller Firmware 19.00 Rockwellautomation Softlogix 5800 Controller Firmware 20.00 Rockwellautomation Softlogix 5800 Controller Firmware 21.00 Rockwellautomation Rslogix Emulate 5000 Firmware 18.00 Rockwellautomation Rslogix Emulate 5000 Firmware 19.00 Rockwellautomation Rslogix Emulate 5000 Firmware 20.00 Rockwellautomation Rslogix Emulate 5000 Firmware 21.00 Rockwellautomation Guardlogix 5570 Controller Firmware 16.00 Rockwellautomation Guardlogix 5570 Controller Firmware 17.00 Rockwellautomation Guardlogix 5570 Controller Firmware 18.00 Rockwellautomation Guardlogix 5570 Controller Firmware 19.00 Rockwellautomation Guardlogix 5570 Controller Firmware 20.00 Rockwellautomation Guardlogix 5570 Controller Firmware 20.010 Rockwellautomation Guardlogix 5570 Controller Firmware 20.017 Rockwellautomation Guardlogix 5570 Controller Firmware 21.00 Rockwellautomation Flexlogix L34 Controller Firmware 16.00 Rockwellautomation Controllogix L55 Controller Firmware 16.00 Rockwellautomation Controllogix L55 Controller Firmware 16.020 Rockwellautomation Controllogix L55 Controller Firmware 16.022 Rockwellautomation Controllogix 5570 Redundant Controller Firmware 20.00 Rockwellautomation Controllogix 5570 Redundant Controller Firmware 20.050 Rockwellautomation Controllogix 5570 Redundant Controller Firmware 20.055 Rockwellautomation Controllogix 5570 Redundant Controller Firmware 21.00 Rockwellautomation Controllogix 5570 Controller Firmware 18.00 Rockwellautomation Controllogix 5570 Controller Firmware 19.00 Rockwellautomation Controllogix 5570 Controller Firmware 20.010 Rockwellautomation Controllogix 5570 Controller Firmware 20.013 Rockwellautomation Controllogix 5570 Controller Firmware 21.00 Rockwellautomation Controllogix 5560 Redundant Controller Firmware 16.00 Rockwellautomation Controllogix 5560 Redundant Controller Firmware 19.00 Rockwellautomation Controllogix 5560 Redundant Controller Firmware 20.00 Rockwellautomation Controllogix 5560 Redundant Controller Firmware 20.050 Rockwellautomation Controllogix 5560 Redundant Controller Firmware 20.055 Rockwellautomation Controllogix 5560 Controller Firmware 16.00 Rockwellautomation Controllogix 5560 Controller Firmware 16.020 Rockwellautomation Controllogix 5560 Controller Firmware 16.022 Rockwellautomation Controllogix 5560 Controller Firmware 17.00 Rockwellautomation Controllogix 5560 Controller Firmware 18.00 Rockwellautomation Controllogix 5560 Controller Firmware 19.00 Rockwellautomation Controllogix 5560 Controller Firmware 20.00 Rockwellautomation Controllogix 5560 Controller Firmware 20.010 Rockwellautomation Controllogix 5560 Controller Firmware 20.013 Rockwellautomation 1769 Compactlogix L3X Controller Firmware 16.00 Rockwellautomation 1769 Compactlogix L3X Controller Firmware 16.020 Rockwellautomation 1769 Compactlogix L3X Controller Firmware 16.023 Rockwellautomation 1769 Compactlogix L3X Controller Firmware 17.00 Rockwellautomation 1769 Compactlogix L3X Controller Firmware 18.00 Rockwellautomation 1769 Compactlogix L3X Controller Firmware 19.00 Rockwellautomation 1769 Compactlogix L3X Controller Firmware 20.00 Rockwellautomation 1769 Compactlogix L3X Controller Firmware 20.010 Rockwellautomation 1769 Compactlogix L3X Controller Firmware 20.013 Rockwellautomation 1769 Compactlogix L23X Controller Firmware 16.00 Rockwellautomation 1769 Compactlogix L23X Controller Firmware 17.00 Rockwellautomation 1769 Compactlogix L23X Controller Firmware 18.00 Rockwellautomation 1769 Compactlogix L23X Controller Firmware 19.00 Rockwellautomation 1769 Compactlogix L23X Controller Firmware 20.00 Rockwellautomation 1769 Compactlogix L23X Controller Firmware 20.010 Rockwellautomation 1769 Compactlogix L23X Controller Firmware 20.013 Rockwellautomation 1769 Compactlogix 5370 L3 Controller Firmware 20.00 Rockwellautomation 1769 Compactlogix 5370 L3 Controller Firmware 20.010 Rockwellautomation 1769 Compactlogix 5370 L3 Controller Firmware 20.013 Rockwellautomation 1769 Compactlogix 5370 L3 Controller Firmware 21.00 Rockwellautomation 1769 Compactlogix 5370 L2 Controller Firmware 20.00 Rockwellautomation 1769 Compactlogix 5370 L2 Controller Firmware 20.010 Rockwellautomation 1769 Compactlogix 5370 L2 Controller Firmware 20.013 Rockwellautomation 1769 Compactlogix 5370 L2 Controller Firmware 21.00 Rockwellautomation 1769 Compactlogix 5370 L1 Controller Firmware 20.00 Rockwellautomation 1769 Compactlogix 5370 L1 Controller Firmware 20.010 Rockwellautomation 1769 Compactlogix 5370 L1 Controller Firmware 20.013 Rockwellautomation 1769 Compactlogix 5370 L1 Controller Firmware 21.00 Rockwellautomation 1768 Compactlogix L4X Controller Firmware 16.00 Rockwellautomation 1768 Compactlogix L4X Controller Firmware 16.020 Rockwellautomation 1768 Compactlogix L4X Controller Firmware 16.025 Rockwellautomation 1768 Compactlogix L4X Controller Firmware 17.00 Rockwellautomation 1768 Compactlogix L4X Controller Firmware 18.00 Rockwellautomation 1768 Compactlogix L4X Controller Firmware 19.00 Rockwellautomation 1768 Compactlogix L4X Controller Firmware 20.00 Rockwellautomation 1768 Compactlogix L4X Controller Firmware 20.011 Rockwellautomation 1768 Compactlogix L4X Controller Firmware 20.016 Rockwellautomation 1768 Compact Guardlogix L4Xs Controller Firmware 18.00 Rockwellautomation 1768 Compact Guardlogix L4Xs Controller Firmware 19.00 Rockwellautomation 1768 Compact Guardlogix L4Xs Controller Firmware 20.00 Rockwellautomation 1768 Compact Guardlogix L4Xs Controller Firmware 20.011 Rockwellautomation 1768 Compact Guardlogix L4Xs Controller Firmware 20.013	85
Hardware	Rockwellautomation Rockwellautomation Softlogix 5800 Controller - Rockwellautomation Rslogix Emulate 5000 - Rockwellautomation Guardlogix 5570 Controller - Rockwellautomation Flexlogix L34 Controller - Rockwellautomation Controllogix L55 Controller - Rockwellautomation Controllogix 5570 Redundant Controller - Rockwellautomation Controllogix 5570 Controller - Rockwellautomation Controllogix 5560 Redundant Controller - Rockwellautomation Controllogix 5560 Controller - Rockwellautomation 1769 Compactlogix L3X Controller - Rockwellautomation 1769 Compactlogix L23X Controller - Rockwellautomation 1769 Compactlogix 5370 L3 Controller - Rockwellautomation 1769 Compactlogix 5370 L2 Controller - Rockwellautomation 1769 Compactlogix 5370 L1 Controller - Rockwellautomation 1768 Compactlogix L4X Controller - Rockwellautomation 1768 Compact Guardlogix L4Xs Controller -	16

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

References