CVE-2023-3596

Summary

Where this vulnerability exists in the Rockwell Automation 1756-EN4* Ethernet/IP communication products, it could allow a malicious user to cause a denial of service by asserting the target system through maliciously crafted CIP messages.

Affected Software

VendorProductVersion RangeStatus
Rockwell Automation1756-EN4TR Series A<=5.001affected
Rockwell Automation1756-EN4TRK Series A<=5.001affected
Rockwell Automation1756-EN4TRXT Series A<=5.001affected

Weaknesses

  • CWE-787: CWE-787 Out-of-bounds Write

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References