CVE-2023-7242
8.2
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
Summary
Industrial Control Systems Network Protocol Parsers (ICSNPP) - Ethercat Zeek Plugin versions d78dda6 and prior are vulnerable to out-of-bounds read during the process of analyzing a specific Ethercat packet. This could allow an attacker to crash the Zeek process and leak some information in memory.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| CISA | Industrial Control Systems Network Protocol Parsers (ICSNPP) - Ethercat Plugin for Zeek | 0 <= d78dda6 | affected |
Weaknesses
- CWE-125: CWE-125 Out-of-bounds Read
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: yes
- Technical Impact: partial
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.