Vulnerabilities > CVE-2023-3596 - Out-of-bounds Write vulnerability in Rockwellautomation products

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

rockwellautomation

CWE-787

NVD

Published: 2023-07-12

Updated: 2023-07-20

Summary

Where this vulnerability exists in the Rockwell Automation 1756-EN4* Ethernet/IP communication products, it could allow a malicious user to cause a denial of service by asserting the target system through maliciously crafted CIP messages.

Vulnerable Configurations

Part	Description	Count
OS	Rockwellautomation Rockwellautomation 1756 En4Tr Firmware - Rockwellautomation 1756 En4Trk Firmware - Rockwellautomation 1756 En4Trxt Firmware -	3
Hardware	Rockwellautomation Rockwellautomation 1756 En4Tr - Rockwellautomation 1756 En4Trk - Rockwellautomation 1756 En4Trxt -	3

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

References

https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1140010