CVE-2016-9343

Summary

An issue was discovered in Rockwell Automation Logix5000 Programmable Automation Controller FRN 16.00 through 21.00 (excluding all firmware versions prior to FRN 16.00, which are not affected). By sending malformed common industrial protocol (CIP) packet, an attacker may be able to overflow a stack-based buffer and execute code on the controller or initiate a nonrecoverable fault resulting in a denial of service.

Affected Software

VendorProductVersion RangeStatus
n/aRockwell Automation Logix5000 Programmable Automation Controller FRN 16.00 through 21.00Rockwell Automation Logix5000 Programmable Automation Controller FRN 16.00 through 21.00affected

Weaknesses

  • Rockwell Automation Logix5000 Programmable Automation Controller Buffer Overflow Vulnerability

ADP Enrichment

CVE Program Container

Additional References

References