CVE-2019-10954
Rockwell Automation CompactLogix 5370 Stack-based Buffer Overflow
Severity Score: 7.5 (CVSS v3.1)
Public Exploits: 0 (Multiple Sources)
Exploited in Wild: - (KEV)
Decision: - (SSVC)
Descriptions
An attacker could send crafted SMTP packets to cause a denial-of-service condition where the controller enters a major non-recoverable faulted state (MNRF) in CompactLogix 5370 L1, L2, and L3 Controllers, Compact GuardLogix 5370 controllers, and Armor Compact GuardLogix 5370 Controllers Versions 20 - 30 and earlier.
An attacker could send crafted SMTP packets to cause a denial-of-service condition in which the controller enters a major non-recoverable faulted state (MNRF) in CompactLogix 5370 L1, L2, and L3 controllers, Compact GuardLogix 5370 controllers, and Armor Compact GuardLogix 5370 controllers, versions 20 to 30.014 and earlier.
*Credits:
George Lashenko of CyberX reported to CISA.
Timeline
- 2019-04-08 CVE Reserved
- 2019-05-01 CVE Published
- 2024-04-24 EPSS Updated
- 2024-08-04 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-121: Stack-based Buffer Overflow
- CWE-787: Out-of-bounds Write
References (3)
URL | Tag | Source |
---|---|---|
http://www.securityfocus.com/bid/108118 | Broken Link | |
https://ics-cert.us-cert.gov/advisories/ICSA-19-120-01 | Third Party Advisory | |
https://rockwellautomation.custhelp.com/app/answers/detail/a_id/1075979 | | |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | | Vendor | Product | Version | Other | Status |
---|---|---|---|---|---|---|---|---|---|---|
Rockwellautomation | Compactlogix 5370 L1 Firmware | >= 20.011 <= 30.014 | - | Affected | in | Rockwellautomation | Compactlogix 5370 L1 | - | - | Safe |
Rockwellautomation | Compactlogix 5370 L2 Firmware | >= 20.011 <= 30.014 | - | Affected | in | Rockwellautomation | Compactlogix 5370 L2 | - | - | Safe |
Rockwellautomation | Compactlogix 5370 L3 Firmware | >= 20.011 <= 30.014 | - | Affected | in | Rockwellautomation | Compactlogix 5370 L3 | - | - | Safe |
Rockwellautomation | Compact Guardlogix 5370 Firmware | >= 20.011 <= 30.014 | - | Affected | in | Rockwellautomation | Compact Guardlogix 5370 | - | - | Safe |
Rockwellautomation | Armor Compact Guardlogix 5370 Firmware | >= 20.011 <= 30.014 | - | Affected | in | Rockwellautomation | Armor Compact Guardlogix 5370 | - | - | Safe |