CVE-2019-10954
N/A
N/A
Summary
An attacker could send crafted SMTP packets to cause a denial-of-service condition where the controller enters a major non-recoverable faulted state (MNRF) in CompactLogix 5370 L1, L2, and L3 Controllers, Compact GuardLogix 5370 controllers, and Armor Compact GuardLogix 5370 Controllers Versions 20 - 30 and earlier.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Rockwell Automation | CompactLogix 5370 L1 controllers | 0 < 20 - 30 | affected |
| Rockwell Automation | CompactLogix 5370 L2 controllers | 0 < 20 - 30 | affected |
| Rockwell Automation | CompactLogix 5370 L3 controllers | 0 < 20 - 30 | affected |
| Rockwell Automation | Compact GuardLogix 5370 controllers | 0 < 20 - 30 | affected |
| Rockwell Automation | Armor Compact GuardLogix 5370 controllers | 0 < 20 - 30 | affected |
Weaknesses
- CWE-121: CWE-121 Stack-based Buffer Overflow
ADP Enrichment
CVE Program Container
Additional References
- https://ics-cert.us-cert.gov/advisories/ICSA-19-120-01
- http://www.securityfocus.com/bid/108118
- https://rockwellautomation.custhelp.com/app/answers/detail/a_id/1075979
References
- https://ics-cert.us-cert.gov/advisories/ICSA-19-120-01
- http://www.securityfocus.com/bid/108118
- https://rockwellautomation.custhelp.com/app/answers/detail/a_id/1075979
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.