CVE-2018-14827
https://notcve.org/view.php?id=CVE-2018-14827
Rockwell Automation RSLinx Classic Versions 4.00.01 and prior. A remote, unauthenticated threat actor may intentionally send specially crafted Ethernet/IP packets to Port 44818, causing the software application to stop responding and crash. The user must restart the software to regain functionality. • https://ics-cert.us-cert.gov/advisories/ICSA-18-263-02 • CWE-400: Uncontrolled Resource Consumption
CVE-2018-14821
https://notcve.org/view.php?id=CVE-2018-14821
Rockwell Automation RSLinx Classic Versions 4.00.01 and prior. This vulnerability may allow a remote, unauthenticated threat actor to intentionally send a malformed CIP packet to Port 44818, causing the RSLinx Classic application to terminate. The user will need to manually restart the software to regain functionality. • https://ics-cert.us-cert.gov/advisories/ICSA-18-263-02 https://www.tenable.com/security/research/tra-2018-26 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow
CVE-2017-9312
https://notcve.org/view.php?id=CVE-2017-9312
Improperly implemented option-field processing in the TCP/IP stack on Allen-Bradley L30ERMS safety devices v30 and earlier causes a denial of service. When a crafted TCP packet is received, the device reboots immediately. • http://www.securityfocus.com/bid/104528 https://ics-cert.us-cert.gov/advisories/ICSA-18-172-02 • CWE-20: Improper Input Validation
CVE-2018-10619 – RSLinx Classic and FactoryTalk Linx Gateway - Privilege Escalation
https://notcve.org/view.php?id=CVE-2018-10619
An unquoted search path or element in RSLinx Classic Versions 3.90.01 and prior and FactoryTalk Linx Gateway Versions 3.90.00 and prior may allow an authorized, but non-privileged local user to execute arbitrary code and allow a threat actor to escalate user privileges on the affected workstation. Rockwell Automation RSLinx Classic and FactoryTalk Linx Gateway suffer from a privilege escalation vulnerability. Rockwell Automation RSLinx Classic versions 3.90.01, 3.73.00, 3.72.00, and 2.58.00 are susceptible. Rockwell Automation FactoryTalk Linx Gateway version 3.90.00 is susceptible. • https://www.exploit-db.com/exploits/44892 http://www.securityfocus.com/bid/104415 https://ics-cert.us-cert.gov/advisories/ICSA-18-158-01 • CWE-428: Unquoted Search Path or Element
CVE-2017-12092
https://notcve.org/view.php?id=CVE-2017-12092
An exploitable file write vulnerability exists in the memory module functionality of Allen Bradley Micrologix 1400 Series B FRN 21.2 and before. A specially crafted packet can cause a file write resulting in a new program being written to the memory module. An attacker can send an unauthenticated packet to trigger this vulnerability. • https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0444 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor