CVSS: 8.6EPSS: 0%CPEs: 6EXPL: 0CVE-2024-21916 – Rockwell Automation Denial-of-service Vulnerability in ICE1 Controller
https://notcve.org/view.php?id=CVE-2024-21916
A denial-of-service vulnerability exists in specific Rockwell Automation ControlLogix ang GuardLogix controllers. If exploited, the product could potentially experience a major nonrecoverable fault (MNRF). The device will restart itself to recover from the MNRF. Existe una vulnerabilidad de denegación de servicio en controladores Rockwell Automation ControlLogix ang GuardLogix. Si se explota, el producto podría experimentar un fallo importante no recuperable (MNRF). • https://www.rockwellautomation.com/en-us/support/advisory.SD1661.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 0%CPEs: 101EXPL: 0CVE-2016-9343
https://notcve.org/view.php?id=CVE-2016-9343
An issue was discovered in Rockwell Automation Logix5000 Programmable Automation Controller FRN 16.00 through 21.00 (excluding all firmware versions prior to FRN 16.00, which are not affected). By sending malformed common industrial protocol (CIP) packet, an attacker may be able to overflow a stack-based buffer and execute code on the controller or initiate a nonrecoverable fault resulting in a denial of service. Ha sido descubierto un problema en Rockwell Automation Logix5000 Programmable Automation Controller FRN 16.00 a 21.00 (excluyendo todas las versiones de firmware anteriores a FRN 16.00, que no se ven afectadas). Al enviar un paquete de protocolo industrial común (CIP) malformado, un atacante puede realizar un desbordamiento de búfer basado en pila y ejecutar código en el controlador o iniciar un fallo irrecuperable que da como resultado una denegación de servicio. • http://www.securityfocus.com/bid/95304 https://ics-cert.us-cert.gov/advisories/ICSA-16-343-05 • CWE-787: Out-of-bounds Write •