CVE-2023-3595

Summary

Where this vulnerability exists in the Rockwell Automation 1756 EN2* and 1756 EN3* ControlLogix communication products, it could allow a malicious user to perform remote code execution with persistence on the target system through maliciously crafted CIP messages. This includes the ability to modify, deny, and exfiltrate data passing through the device.

Affected Software

VendorProductVersion RangeStatus
Rockwell Automation1756-EN2T Series A, B, C<=5.008 & 5.028affected
Rockwell Automation1756-EN2T Series D<=11.003affected
Rockwell Automation1756-EN2TK Series A, B, C<=5.008 & 5.028affected
Rockwell Automation1756-EN2TXT Series A, B, C<=5.008 & 5.028affected
Rockwell Automation1756-EN2TXT Series D<=11.003affected
Rockwell Automation1756-EN2TP Series A<=11.003affected
Rockwell Automation1756-EN2TPK Series A<=11.003affected
Rockwell Auotmation1756-EN2TPXT Series A<=11.003affected
Rockwell Automation1756-EN2TR Series A, B<=5.008 & 5.028affected
Rockwell Automation1756-EN2TR Series C<=11.003affected
Rockwell Automation1756-EN2TRK Series A, B<=5.008 & 5.028affected
Rockwell Automation1756-EN2TRK Series C<=11.003affected
Rockwell Automation1756-EN2TRXT Series A, B<=5.008 & 5.028affected
Rockwell Automation1756-EN2TRXT Series C<=11.003affected
Rockwell Automation1756-EN2F Series A, B<=5.008 & 5.028affected
Rockwell Automation1756-EN2F Series C<=11.003affected
Rockwell Automation1756-EN2FK Series A, B<=5.008 & 5.028affected
Rockwell Automation1756-EN2FK Series C<=11.003affected
Rockwell Automation1756-EN3TR Series A<=5.008 & 5.028affected
Rockwell Automation1756-EN3TR Series B<=11.003affected
Rockwell Automation1756-EN3TRK Series A<=5.008 & 5.028affected
Rockwell Automation1756-EN3TRK Series B<=11.003affected

Weaknesses

  • CWE-787: CWE-787 Out-of-bounds Write

ADP Enrichment

CVE Program Container

Additional References

References