CVSS: 8.6EPSS: 0%CPEs: 32EXPL: 1CVE-2018-17924
https://notcve.org/view.php?id=CVE-2018-17924
Rockwell Automation MicroLogix 1400 Controllers and 1756 ControlLogix Communications Modules An unauthenticated, remote threat actor could send a CIP connection request to an affected device, and upon successful connection, send a new IP configuration to the affected device even if the controller in the system is set to Hard RUN mode. When the affected device accepts this new IP configuration, a loss of communication occurs between the device and the rest of the system as the system traffic is still attempting to communicate with the device via the overwritten IP address. Rockwell Automation MicroLogix 1400 Controllers y 1756 ControlLogix Communications Modules. Un actor de amenaza remoto no autenticado podría enviar una petición de conexión CIP a un dispositivo afectado y, tras conectarse exitosamente, enviar una nueva configuración IP al dispositivo afectado incluso aunque el controlador en el sistema esté configurado en modo Hard RUN. Cuando el dispositivo afectado acepta esta nueva configuración IP, ocurre una pérdida de comunicación entre el dispositivo y el resto del sistema, ya que el tráfico del sistema sigue intentando comunicarse con el dispositivo mediante la dirección IP sobrescrita. • https://github.com/g0dd0ghd/CVE-2018-17924-PoC http://www.securityfocus.com/bid/106132 https://ics-cert.us-cert.gov/advisories/ICSA-18-310-02 • CWE-306: Missing Authentication for Critical Function •
CVSS: 7.8EPSS: 93%CPEs: 23EXPL: 0CVE-2012-6442
https://notcve.org/view.php?id=CVE-2012-6442
Rockwell Automation EtherNet/IP products; 1756-ENBT, 1756-EWEB, 1768-ENBT, and 1768-EWEB communication modules; CompactLogix L32E and L35E controllers; 1788-ENBT FLEXLogix adapter; 1794-AENTR FLEX I/O EtherNet/IP adapter; ControlLogix 18 and earlier; CompactLogix 18 and earlier; GuardLogix 18 and earlier; SoftLogix 18 and earlier; CompactLogix controllers 19 and earlier; SoftLogix controllers 19 and earlier; ControlLogix controllers 20 and earlier; GuardLogix controllers 20 and earlier; and MicroLogix 1100 and 1400 allow remote attackers to cause a denial of service (control and communication outage) via a CIP message that specifies a reset. Los productos Rockwell Automation EtherNet/IP: 1756-ENBT, 1756-EWEB, 1768-ENBT, y los módulos de comunicación 1768-EWEB; CompactLogix L32E y controladores L35E; adaptador 1788-ENBT FLEXLogix; adaptador 1794-AENTR FLEX I/O EtherNet/IP; ControlLogix 18 y anteriores; CompactLogix 18 y anteriores; GuardLogix 18 y anteriores; SoftLogix 18 y anteriores; controladores CompactLogix 19 y anteriores; controladores SoftLogix 19 y anteriores; controladores ControlLogix 20 y anteriores; controladores GuardLogix 20 y anteriores; y MicroLogix 1100 y 1400 permiten a atacantes remotos causar una denegación de servicio (control y corte de la comunicación) a través de un mensaje CIP que especifica un reinicio. • http://www.us-cert.gov/control_systems/pdf/ICSA-13-011-03.pdf https://tools.cisco.com/security/center/viewAlert.x?alertId=27862 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 88%CPEs: 4EXPL: 0CVE-2010-2965
https://notcve.org/view.php?id=CVE-2010-2965
The WDB target agent debug service in Wind River VxWorks 6.x, 5.x, and earlier, as used on the Rockwell Automation 1756-ENBT series A with firmware 3.2.6 and 3.6.1 and other products, allows remote attackers to read or modify arbitrary memory locations, perform function calls, or manage tasks via requests to UDP port 17185, a related issue to CVE-2005-3804. El servicio WDB target agent debug en Wind River VxWorks v6.x, v5.x, y anteriores, como los usados en el Rockwell Automation 1756-ENBT serie A con firmware v3.2.6 y v3.6.1 y otros productos, permiten a atacantes remotos leer o modificar a su elección direcciones de memoria, realizar llamdas a funciones, o administrar tareas a través de peticiones UDP al puerto 17185, relacionado con el comportamiento de CVE-2005-3804. • http://blog.metasploit.com/2010/08/vxworks-vulnerabilities.html http://rockwellautomation.custhelp.com/cgi-bin/rockwellautomation.cfg/php/enduser/std_adp.php?p_faqid=69735 http://www.kb.cert.org/vuls/id/362332 http://www.kb.cert.org/vuls/id/MAPG-86EPFA http://www.kb.cert.org/vuls/id/MAPG-86FPQL https://support.windriver.com/olsPortal/faces/maintenance/downloadDetails.jspx?contentId=033708 • CWE-863: Incorrect Authorization •