CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2018-14827
https://notcve.org/view.php?id=CVE-2018-14827
Rockwell Automation RSLinx Classic Versions 4.00.01 and prior. A remote, unauthenticated threat actor may intentionally send specially crafted Ethernet/IP packets to Port 44818, causing the software application to stop responding and crash. The user must restart the software to regain functionality. Rockwell Automation RSLinx Classic en versiones 4.00.01 y anteriores. Un actor de amenaza remoto no autenticado podría enviar de forma intencionada paquetes Ethernet/IP al puerto 44818, lo que provoca que la aplicación del software deje de responder y se cierre inesperadamente. • https://ics-cert.us-cert.gov/advisories/ICSA-18-263-02 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 1CVE-2018-14821
https://notcve.org/view.php?id=CVE-2018-14821
Rockwell Automation RSLinx Classic Versions 4.00.01 and prior. This vulnerability may allow a remote, unauthenticated threat actor to intentionally send a malformed CIP packet to Port 44818, causing the RSLinx Classic application to terminate. The user will need to manually restart the software to regain functionality. Rockwell Automation RSLinx Classic en versiones 4.00.01 y anteriores. Esta vulnerabilidad podría permitir que un actor de amenaza remoto no autenticado envíe de forma intencional un paquete CIP mal formado al puerto 44818, lo que provoca que la aplicación RSLinx Classic se termine. • https://ics-cert.us-cert.gov/advisories/ICSA-18-263-02 https://www.tenable.com/security/research/tra-2018-26 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •
CVSS: 6.9EPSS: 0%CPEs: 1EXPL: 0CVE-2014-9204
https://notcve.org/view.php?id=CVE-2014-9204
Stack-based buffer overflow in OPCTest.exe in Rockwell Automation RSLinx Classic before 3.73.00 allows remote attackers to execute arbitrary code via a crafted CSV file. Desbordamiento de buffer basado en pila en OPCTest.exe en Rockwell Automation RSLinx Classic anterior a 3.73.00 permite a atacantes remotos ejecutar código arbitrario a través de un fichero CSV manipulado. • https://ics-cert.us-cert.gov/advisories/ICSA-15-111-02 https://rockwellautomation.custhelp.com/app/answers/detail/a_id/646324 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 1%CPEs: 2EXPL: 0CVE-2011-2530
https://notcve.org/view.php?id=CVE-2011-2530
Buffer overflow in RSEds.dll in RSHWare.exe in the EDS Hardware Installation Tool 1.0.5.1 and earlier in Rockwell Automation RSLinx Classic before 2.58 allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a malformed .eds file. Desbordamiento de búfer en RSEds.dll en RSHWare.exe en EDS Hardware Installation Tool v1.0.5.1 y anteriores de Rockwell Automation RSLinx antes de v2.58, permite atecantes remotos asistidos por el usuario provocar una denegación de servicio (caída de aplicación) o posiblemente ejecutar código de su elección a través de un archivo .eds mal formado. • http://rockwellautomation.custhelp.com/app/answers/detail/a_id/279194 http://www.kb.cert.org/vuls/id/127584 http://www.kb.cert.org/vuls/id/MAPG-8G9PWX http://www.securityfocus.com/bid/48092 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •