CVE-2023-3595 (GCVE-0-2023-3595)
Vulnerability from cvelistv5
- CWE-787 - Out-of-bounds Write
Source | URL | Tags
---|---|---
PSIRT@rockwellautomation.com | https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1140010 | Permissions Required, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 | https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1140010 | Permissions Required, Vendor Advisory
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T07:01:57.031Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1140010" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "1756-EN2T Series A, B, C", "vendor": "Rockwell Automation", "versions": [ { "status": "affected", "version": "\u003c=5.008 \u0026 5.028" } ] }, { "defaultStatus": "unaffected", "product": "1756-EN2T Series D", "vendor": "Rockwell Automation", "versions": [ { "status": "affected", "version": "\u003c=11.003" } ] }, { "defaultStatus": "unaffected", "product": "1756-EN2TK Series A, B, C", "vendor": "Rockwell Automation", "versions": [ { "status": "affected", "version": "\u003c=5.008 \u0026 5.028" } ] }, { "defaultStatus": "unaffected", "product": "1756-EN2TXT Series A, B, C", "vendor": "Rockwell Automation", "versions": [ { "status": "affected", "version": "\u003c=5.008 \u0026 5.028" } ] }, { "defaultStatus": "unaffected", "product": "1756-EN2TXT Series D", "vendor": "Rockwell Automation", "versions": [ { "status": "affected", "version": "\u003c=11.003" } ] }, { "defaultStatus": "unaffected", "product": "1756-EN2TP Series A", "vendor": "Rockwell Automation", "versions": [ { "status": "affected", "version": "\u003c=11.003" } ] }, { "defaultStatus": "unaffected", "product": "1756-EN2TPK Series A", "vendor": "Rockwell Automation", "versions": [ { "status": "affected", "version": "\u003c=11.003" } ] }, { "defaultStatus": "unaffected", "product": "1756-EN2TPXT Series A", "vendor": "Rockwell Auotmation", "versions": [ { "status": "affected", "version": "\u003c=11.003" } ] }, { "defaultStatus": "unaffected", "product": "1756-EN2TR Series A, B", "vendor": "Rockwell Automation", "versions": [ { "status": "affected", "version": "\u003c=5.008 \u0026 5.028" } ] }, { 
"defaultStatus": "unaffected", "product": "1756-EN2TR Series C", "vendor": "Rockwell Automation", "versions": [ { "status": "affected", "version": "\u003c=11.003" } ] }, { "defaultStatus": "unaffected", "product": "1756-EN2TRK Series A, B", "vendor": "Rockwell Automation", "versions": [ { "status": "affected", "version": "\u003c=5.008 \u0026 5.028" } ] }, { "defaultStatus": "unaffected", "product": "1756-EN2TRK Series C", "vendor": "Rockwell Automation", "versions": [ { "status": "affected", "version": "\u003c=11.003" } ] }, { "defaultStatus": "unaffected", "product": "1756-EN2TRXT Series A, B", "vendor": "Rockwell Automation", "versions": [ { "status": "affected", "version": "\u003c=5.008 \u0026 5.028" } ] }, { "defaultStatus": "unaffected", "product": "1756-EN2TRXT Series C", "vendor": "Rockwell Automation", "versions": [ { "status": "affected", "version": "\u003c=11.003" } ] }, { "defaultStatus": "unaffected", "product": "1756-EN2F Series A, B", "vendor": "Rockwell Automation", "versions": [ { "status": "affected", "version": "\u003c=5.008 \u0026 5.028" } ] }, { "defaultStatus": "unaffected", "product": "1756-EN2F Series C", "vendor": "Rockwell Automation", "versions": [ { "status": "affected", "version": "\u003c=11.003" } ] }, { "defaultStatus": "unaffected", "product": "1756-EN2FK Series A, B", "vendor": "Rockwell Automation", "versions": [ { "status": "affected", "version": "\u003c=5.008 \u0026 5.028" } ] }, { "defaultStatus": "unaffected", "product": "1756-EN2FK Series C", "vendor": "Rockwell Automation", "versions": [ { "status": "affected", "version": "\u003c=11.003" } ] }, { "defaultStatus": "unaffected", "product": "1756-EN3TR Series A", "vendor": "Rockwell Automation", "versions": [ { "status": "affected", "version": "\u003c=5.008 \u0026 5.028" } ] }, { "defaultStatus": "unaffected", "product": "1756-EN3TR Series B", "vendor": "Rockwell Automation", "versions": [ { "status": "affected", "version": "\u003c=11.003" } ] }, { "defaultStatus": "unaffected", 
"product": "1756-EN3TRK Series A", "vendor": "Rockwell Automation", "versions": [ { "status": "affected", "version": "\u003c=5.008 \u0026 5.028" } ] }, { "defaultStatus": "unaffected", "product": "1756-EN3TRK Series B", "vendor": "Rockwell Automation", "versions": [ { "status": "affected", "version": "\u003c=11.003" } ] } ], "datePublic": "2023-07-12T12:00:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eWhere this vulnerability exists in the Rockwell Automation 1756 EN2* and 1756 EN3* ControlLogix communication products, it could allow a malicious user to perform remote code execution with persistence on the target system through maliciously crafted CIP messages. This includes the ability to modify, deny, and exfiltrate data passing through the device.\u003c/span\u003e\n\n" } ], "value": "\nWhere this vulnerability exists in the Rockwell Automation 1756 EN2* and 1756 EN3* ControlLogix communication products, it could allow a malicious user to perform remote code execution with persistence on the target system through maliciously crafted CIP messages. 
This includes the ability to modify, deny, and exfiltrate data passing through the device.\n\n" } ], "impacts": [ { "capecId": "CAPEC-100", "descriptions": [ { "lang": "en", "value": "CAPEC-100 Overflow Buffers" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-787", "description": "CWE-787 Out-of-bounds Write", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-07-12T13:15:20.247Z", "orgId": "b73dd486-f505-4403-b634-40b078b177f0", "shortName": "Rockwell" }, "references": [ { "url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1140010" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\n\n\u003cul\u003e\u003cli\u003e\u003cstrong\u003eUpdate firmware.\u003c/strong\u003e\u0026nbsp;Update EN2* ControlLogix communications modules to mitigated firmware.\u003c/li\u003e\u003cli\u003e\u003cstrong\u003eProperly segment networks.\u003c/strong\u003e\u003cspan style=\"background-color: var(--wht);\"\u003e\u0026nbsp;Given a cyber actor would require network connectivity to the communication module to exploit the vulnerability, organizations should ensure ICS/SCADA networks are properly segmented within the process structure as well as from the Internet and other non-essential networks.\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cstrong\u003eImplement detection signatures.\u003c/strong\u003e\u003cspan style=\"background-color: var(--wht);\"\u003e\u0026nbsp;Use appended Snort signatures to monitor and 
detect anomalous Common Industrial Protocol (CIP) packets to Rockwell Automation devices.\u003c/span\u003e\u003c/li\u003e\u003c/ul\u003e\n\n" } ], "value": "\n * Update firmware.\u00a0Update EN2* ControlLogix communications modules to mitigated firmware.\n * Properly segment networks.\u00a0Given a cyber actor would require network connectivity to the communication module to exploit the vulnerability, organizations should ensure ICS/SCADA networks are properly segmented within the process structure as well as from the Internet and other non-essential networks.\n * Implement detection signatures.\u00a0Use appended Snort signatures to monitor and detect anomalous Common Industrial Protocol (CIP) packets to Rockwell Automation devices.\n\n\n\n\n" } ], "source": { "discovery": "UNKNOWN" }, "title": "Rockwell Automation ControlLogix Communication Modules Vulnerable to Remote Code Execution", "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "b73dd486-f505-4403-b634-40b078b177f0", "assignerShortName": "Rockwell", "cveId": "CVE-2023-3595", "datePublished": "2023-07-12T12:37:01.939Z", "dateReserved": "2023-07-10T15:34:52.031Z", "dateUpdated": "2024-08-02T07:01:57.031Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "vulnerability-lookup:meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2023-3595\",\"sourceIdentifier\":\"PSIRT@rockwellautomation.com\",\"published\":\"2023-07-12T13:15:09.880\",\"lastModified\":\"2024-11-21T08:17:37.710\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"\\nWhere this vulnerability exists in the Rockwell Automation 1756 EN2* and 1756 EN3* ControlLogix communication products, it could allow a malicious user to perform remote code execution with persistence on the target system through maliciously crafted CIP messages. 
This includes the ability to modify, deny, and exfiltrate data passing through the device.\\n\\n\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"PSIRT@rockwellautomation.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"PSIRT@rockwellautomation.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-787\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-787\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:rockwellautomation:1756-en2f_series_a_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0D4B3185-B776-46C4-B47F-CE48861A422B\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:rockwellautomation:1756-en2f_series_a:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"97AC710F-97B3-47A1-86EC-3148A21F16B2\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":
\"cpe:2.3:o:rockwellautomation:1756-en2f_series_b_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7242493E-0B2A-4AF3-BF44-15D3D1DB0021\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:rockwellautomation:1756-en2f_series_b:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA49358A-F76E-4DEC-994C-B988DE38BF7F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:rockwellautomation:1756-en2f_series_c_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"48F83304-EF89-48A4-AA0E-EBD5AE5E46E5\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:rockwellautomation:1756-en2f_series_c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C6E5B08F-BD0C-4B3F-9897-61C945981CC6\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:rockwellautomation:1756-en2t_series_a_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B8E9CEA5-F039-484D-A234-1E3ADA352E32\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:rockwellautomation:1756-en2t_series_a:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BBB6A3C1-6419-4CDB-B7F5-57F20DA43C5A\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:rockwellautomation:1756-en2t_series_b_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ADCF431D-0F13-4037-BBDF-4199B5860CCA\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:rockwellautomation:1756-en2t_series_b:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5E9D2541-B0DB-4925-ACD6-FCC2A028FA4A\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:rockwellautomation:1756-en2t_series_c_firmware:-:*:*:*:*:*:*:*\"
,\"matchCriteriaId\":\"E9B8DEC1-3980-49E0-82B1-275FD7870EC9\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:rockwellautomation:1756-en2t_series_c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"13581B79-89FF-42F0-93C1-CB77582E7303\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:rockwellautomation:1756-en2t_series_d_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"88F147B7-96D5-4C52-AE8C-C5A24A103290\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:rockwellautomation:1756-en2t_series_d:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F71090C1-36AD-4A1B-92B5-CB391593DF4B\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:rockwellautomation:1756-en2tr_series_a_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"94271569-D658-4F95-B9A6-2C1DB2647EB2\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:rockwellautomation:1756-en2tr_series_a:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A4A8E21A-3826-497C-9F3D-6D9091AD7647\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:rockwellautomation:1756-en2tr_series_b_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BAEF2D94-6224-4877-9169-E5B0DB3FAA25\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:rockwellautomation:1756-en2tr_series_b:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8607CD0D-0EE7-41CF-8E00-C0F5C83646A8\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:rockwellautomation:1756-en2tr_series_c_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EAB58AD4-EA1F-4106-ADD1-52EF2592B92C\"}]},{\"ope
rator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:rockwellautomation:1756-en2tr_series_c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D58BA41B-3859-4489-9C74-730C27B1EFF0\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:rockwellautomation:1756-en3tr_series_a_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EE90B141-E680-4D15-8BCE-8D58909A3679\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:rockwellautomation:1756-en3tr_series_a:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4824C266-82B1-4B74-AF72-BFCEF0547023\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:rockwellautomation:1756-en3tr_series_b_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"01816E19-DF07-4A48-BC59-4A9918AE94FA\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:rockwellautomation:1756-en3tr_series_b:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"14CF3A11-7130-420A-B99E-8FADA7C23484\"}]}]}],\"references\":[{\"url\":\"https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1140010\",\"source\":\"PSIRT@rockwellautomation.com\",\"tags\":[\"Permissions Required\",\"Vendor Advisory\"]},{\"url\":\"https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1140010\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Permissions Required\",\"Vendor Advisory\"]}]}}" } }
cnvd-2024-16842
Vulnerability from cnvd
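Title: Rockwell Automation 1756 EN2 and 1756 EN3 Denial-of-Service Vulnerability
Description:
Rockwell Automation 1756 is a scalable controller solution from Rockwell Automation (USA), capable of addressing a large number of I/O points.
Rockwell Automation 1756 EN2 and 1756 EN3 contain a denial-of-service vulnerability. The vulnerability stems from improper handling of incoming error messages; an attacker can exploit it to perform remote code execution with persistence on the target system through maliciously crafted CIP messages.
Severity: High
Patch Name: Patch for the Rockwell Automation 1756 EN2 and 1756 EN3 denial-of-service vulnerability
Patch Description:
Rockwell Automation 1756 is a scalable controller solution from Rockwell Automation (USA), capable of addressing a large number of I/O points.
Rockwell Automation 1756 EN2 and 1756 EN3 contain a denial-of-service vulnerability. The vulnerability stems from improper handling of incoming error messages; an attacker can exploit it to perform remote code execution with persistence on the target system through maliciously crafted CIP messages. The vendor has since published a security advisory and related patch information that fix this vulnerability.
Formal description:
The vendor has released a fix for this vulnerability; please follow the updates: https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1140010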
Reference: https://nvd.nist.gov/vuln/detail/CVE-2023-3595
Name: Rockwell Automation 1756 EN2, Rockwell Automation 1756 EN3
{ "cves": { "cve": { "cveNumber": "CVE-2023-3595", "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2023-3595" } }, "description": "Rockwell Automation 1756\u662f\u7f8e\u56fd\u7f57\u514b\u97e6\u5c14\uff08Rockwell Automation\uff09\u516c\u53f8\u7684\u4e00\u79cd\u53ef\u6269\u5c55\u7684\u63a7\u5236\u5668\u89e3\u51b3\u65b9\u6848\u3002\u80fd\u591f\u5bfb\u5740\u5927\u91cfI/O\u70b9\u3002\n\nRockwell Automation 1756 EN2\u548c1756 EN3\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u672a\u5bf9\u8f93\u5165\u7684\u9519\u8bef\u6d88\u606f\u505a\u6b63\u786e\u7684\u5904\u7406\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u901a\u8fc7\u6076\u610f\u5236\u4f5c\u7684CIP\u6d88\u606f\u5728\u76ee\u6807\u7cfb\u7edf\u4e0a\u6301\u4e45\u6267\u884c\u8fdc\u7a0b\u4ee3\u7801\u3002", "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1140010", "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e", "number": "CNVD-2024-16842", "openTime": "2024-04-07", "patchDescription": "Rockwell Automation 1756\u662f\u7f8e\u56fd\u7f57\u514b\u97e6\u5c14\uff08Rockwell Automation\uff09\u516c\u53f8\u7684\u4e00\u79cd\u53ef\u6269\u5c55\u7684\u63a7\u5236\u5668\u89e3\u51b3\u65b9\u6848\u3002\u80fd\u591f\u5bfb\u5740\u5927\u91cfI/O\u70b9\u3002\r\n\r\nRockwell Automation 1756 EN2\u548c1756 
EN3\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u672a\u5bf9\u8f93\u5165\u7684\u9519\u8bef\u6d88\u606f\u505a\u6b63\u786e\u7684\u5904\u7406\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u901a\u8fc7\u6076\u610f\u5236\u4f5c\u7684CIP\u6d88\u606f\u5728\u76ee\u6807\u7cfb\u7edf\u4e0a\u6301\u4e45\u6267\u884c\u8fdc\u7a0b\u4ee3\u7801\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002", "patchName": "Rockwell Automation 1756 EN2 and 1756 EN3\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\u7684\u8865\u4e01", "products": { "product": [ "Rockwell Automation 1756 EN2", "Rockwell Automation 1756 EN3" ] }, "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2023-3595", "serverity": "\u9ad8", "submitTime": "2023-07-16", "title": "Rockwell Automation 1756 EN2 and 1756 EN3\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e" }
fkie_cve-2023-3595
Vulnerability from fkie_nvd
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Source | URL | Tags
---|---|---
PSIRT@rockwellautomation.com | https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1140010 | Permissions Required, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 | https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1140010 | Permissions Required, Vendor Advisory
Vendor | Product | Version | |
---|---|---|---|
rockwellautomation | 1756-en2f_series_a_firmware | - | |
rockwellautomation | 1756-en2f_series_a | - | |
rockwellautomation | 1756-en2f_series_b_firmware | - | |
rockwellautomation | 1756-en2f_series_b | - | |
rockwellautomation | 1756-en2f_series_c_firmware | - | |
rockwellautomation | 1756-en2f_series_c | - | |
rockwellautomation | 1756-en2t_series_a_firmware | - | |
rockwellautomation | 1756-en2t_series_a | - | |
rockwellautomation | 1756-en2t_series_b_firmware | - | |
rockwellautomation | 1756-en2t_series_b | - | |
rockwellautomation | 1756-en2t_series_c_firmware | - | |
rockwellautomation | 1756-en2t_series_c | - | |
rockwellautomation | 1756-en2t_series_d_firmware | - | |
rockwellautomation | 1756-en2t_series_d | - | |
rockwellautomation | 1756-en2tr_series_a_firmware | - | |
rockwellautomation | 1756-en2tr_series_a | - | |
rockwellautomation | 1756-en2tr_series_b_firmware | - | |
rockwellautomation | 1756-en2tr_series_b | - | |
rockwellautomation | 1756-en2tr_series_c_firmware | - | |
rockwellautomation | 1756-en2tr_series_c | - | |
rockwellautomation | 1756-en3tr_series_a_firmware | - | |
rockwellautomation | 1756-en3tr_series_a | - | |
rockwellautomation | 1756-en3tr_series_b_firmware | - | |
rockwellautomation | 1756-en3tr_series_b | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:rockwellautomation:1756-en2f_series_a_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "0D4B3185-B776-46C4-B47F-CE48861A422B", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:rockwellautomation:1756-en2f_series_a:-:*:*:*:*:*:*:*", "matchCriteriaId": "97AC710F-97B3-47A1-86EC-3148A21F16B2", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:rockwellautomation:1756-en2f_series_b_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "7242493E-0B2A-4AF3-BF44-15D3D1DB0021", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:rockwellautomation:1756-en2f_series_b:-:*:*:*:*:*:*:*", "matchCriteriaId": "FA49358A-F76E-4DEC-994C-B988DE38BF7F", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:rockwellautomation:1756-en2f_series_c_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "48F83304-EF89-48A4-AA0E-EBD5AE5E46E5", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:rockwellautomation:1756-en2f_series_c:-:*:*:*:*:*:*:*", "matchCriteriaId": "C6E5B08F-BD0C-4B3F-9897-61C945981CC6", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:rockwellautomation:1756-en2t_series_a_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "B8E9CEA5-F039-484D-A234-1E3ADA352E32", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:rockwellautomation:1756-en2t_series_a:-:*:*:*:*:*:*:*", "matchCriteriaId": "BBB6A3C1-6419-4CDB-B7F5-57F20DA43C5A", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": 
"cpe:2.3:o:rockwellautomation:1756-en2t_series_b_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "ADCF431D-0F13-4037-BBDF-4199B5860CCA", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:rockwellautomation:1756-en2t_series_b:-:*:*:*:*:*:*:*", "matchCriteriaId": "5E9D2541-B0DB-4925-ACD6-FCC2A028FA4A", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:rockwellautomation:1756-en2t_series_c_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "E9B8DEC1-3980-49E0-82B1-275FD7870EC9", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:rockwellautomation:1756-en2t_series_c:-:*:*:*:*:*:*:*", "matchCriteriaId": "13581B79-89FF-42F0-93C1-CB77582E7303", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:rockwellautomation:1756-en2t_series_d_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "88F147B7-96D5-4C52-AE8C-C5A24A103290", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:rockwellautomation:1756-en2t_series_d:-:*:*:*:*:*:*:*", "matchCriteriaId": "F71090C1-36AD-4A1B-92B5-CB391593DF4B", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:rockwellautomation:1756-en2tr_series_a_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "94271569-D658-4F95-B9A6-2C1DB2647EB2", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:rockwellautomation:1756-en2tr_series_a:-:*:*:*:*:*:*:*", "matchCriteriaId": "A4A8E21A-3826-497C-9F3D-6D9091AD7647", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:rockwellautomation:1756-en2tr_series_b_firmware:-:*:*:*:*:*:*:*", 
"matchCriteriaId": "BAEF2D94-6224-4877-9169-E5B0DB3FAA25", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:rockwellautomation:1756-en2tr_series_b:-:*:*:*:*:*:*:*", "matchCriteriaId": "8607CD0D-0EE7-41CF-8E00-C0F5C83646A8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:rockwellautomation:1756-en2tr_series_c_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "EAB58AD4-EA1F-4106-ADD1-52EF2592B92C", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:rockwellautomation:1756-en2tr_series_c:-:*:*:*:*:*:*:*", "matchCriteriaId": "D58BA41B-3859-4489-9C74-730C27B1EFF0", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:rockwellautomation:1756-en3tr_series_a_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "EE90B141-E680-4D15-8BCE-8D58909A3679", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:rockwellautomation:1756-en3tr_series_a:-:*:*:*:*:*:*:*", "matchCriteriaId": "4824C266-82B1-4B74-AF72-BFCEF0547023", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:rockwellautomation:1756-en3tr_series_b_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "01816E19-DF07-4A48-BC59-4A9918AE94FA", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:rockwellautomation:1756-en3tr_series_b:-:*:*:*:*:*:*:*", "matchCriteriaId": "14CF3A11-7130-420A-B99E-8FADA7C23484", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "\nWhere this vulnerability exists in the Rockwell Automation 1756 EN2* and 1756 EN3* ControlLogix communication products, it could 
allow a malicious user to perform remote code execution with persistence on the target system through maliciously crafted CIP messages. This includes the ability to modify, deny, and exfiltrate data passing through the device.\n\n" } ], "id": "CVE-2023-3595", "lastModified": "2024-11-21T08:17:37.710", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "PSIRT@rockwellautomation.com", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-07-12T13:15:09.880", "references": [ { "source": "PSIRT@rockwellautomation.com", "tags": [ "Permissions Required", "Vendor Advisory" ], "url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1140010" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Permissions Required", "Vendor Advisory" ], "url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1140010" } ], "sourceIdentifier": "PSIRT@rockwellautomation.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "PSIRT@rockwellautomation.com", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-787" 
} ], "source": "nvd@nist.gov", "type": "Primary" } ] }
ICSA-23-193-01
Vulnerability from csaf_cisa
Notes
{ "document": { "acknowledgments": [ { "organization": "Rockwell Automation", "summary": "reporting these vulnerabilities to CISA" } ], "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Disclosure is not limited", "tlp": { "label": "WHITE", "url": "https://us-cert.cisa.gov/tlp/" } }, "lang": "en-US", "notes": [ { "category": "general", "text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov", "title": "CISA Disclaimer" }, { "category": "legal_disclaimer", "text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.", "title": "Legal Notice" }, { "category": "summary", "text": "Successful exploitation of these vulnerabilities could allow malicious actors to gain remote access of the running memory of the module and perform malicious activity. 
", "title": "Risk evaluation" }, { "category": "other", "text": "Critical Manufacturing", "title": "Critical infrastructure sectors" }, { "category": "other", "text": "Worldwide", "title": "Countries/areas deployed" }, { "category": "other", "text": "United States", "title": "Company headquarters location" }, { "category": "general", "text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.", "title": "Recommended Practices" }, { "category": "general", "text": "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov/ics. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.", "title": "Recommended Practices" }, { "category": "general", "text": "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.", "title": "Recommended Practices" }, { "category": "general", "text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov/ics in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.", "title": "Recommended Practices" }, { "category": "general", "text": "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.", "title": "Recommended Practices" }, { "category": "general", "text": "No known public exploits specifically target these vulnerabilities.", "title": "Recommended Practices" } ], "publisher": { "category": "coordinator", "contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870", "name": "CISA", "namespace": "https://www.cisa.gov/" }, "references": [ { "category": "self", 
"summary": "ICS Advisory ICSA-23-193-01 JSON", "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2023/icsa-23-193-01.json" }, { "category": "self", "summary": "ICSA Advisory ICSA-23-193-01 - Web Version", "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-193-01" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/topics/industrial-control-systems" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01" }, { "category": "external", "summary": "Recommended Practices", "url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B" } ], "title": "Rockwell Automation Select Communication Modules", "tracking": { "current_release_date": "2023-07-12T06:00:00.000000Z", "generator": { "engine": { "name": "CISA CSAF Generator", "version": "1.0.0" } }, "id": "ICSA-23-193-01", "initial_release_date": "2023-07-12T06:00:00.000000Z", "revision_history": [ { "date": "2023-07-12T06:00:00.000000Z", "legacy_version": "Initial", "number": "1", "summary": "Initial Publication" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version_range", "name": "\u003c= 5.008", "product": { "name": "1756-EN2T Series A: \u003c= 5.008", "product_id": "CSAFPID-0001" } } ], "category": "product_name", "name": "1756-EN2T Series A" }, { 
"branches": [ { "category": "product_version_range", "name": "\u003c= 5.028", "product": { "name": "1756-EN2T Series A: \u003c= 5.028", "product_id": "CSAFPID-0002" } } ], "category": "product_name", "name": "1756-EN2T Series A" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 5.008", "product": { "name": "1756-EN2T Series B: \u003c= 5.008", "product_id": "CSAFPID-0003" } } ], "category": "product_name", "name": "1756-EN2T Series B" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 5.028", "product": { "name": "1756-EN2T Series B: \u003c= 5.028", "product_id": "CSAFPID-0004" } } ], "category": "product_name", "name": "1756-EN2T Series B" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 5.008", "product": { "name": "1756-EN2T Series C: \u003c= 5.008", "product_id": "CSAFPID-0005" } } ], "category": "product_name", "name": "1756-EN2T Series C" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 5.028", "product": { "name": "1756-EN2T Series C: \u003c= 5.028", "product_id": "CSAFPID-0006" } } ], "category": "product_name", "name": "1756-EN2T Series C" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 11.003", "product": { "name": "1756-EN2T Series D: \u003c= 11.003", "product_id": "CSAFPID-0007" } } ], "category": "product_name", "name": "1756-EN2T Series D" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 5.008", "product": { "name": "1756-EN2TK Series A: \u003c= 5.008", "product_id": "CSAFPID-0008" } } ], "category": "product_name", "name": "1756-EN2TK Series A" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 5.028", "product": { "name": "1756-EN2TK Series A: \u003c= 5.028", "product_id": "CSAFPID-0009" } } ], "category": "product_name", "name": "1756-EN2TK Series A" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 5.008", "product": { "name": "1756-EN2TK Series B: 
\u003c= 5.008", "product_id": "CSAFPID-0010" } } ], "category": "product_name", "name": "1756-EN2TK Series B" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 5.028", "product": { "name": "1756-EN2TK Series B: \u003c= 5.028", "product_id": "CSAFPID-0011" } } ], "category": "product_name", "name": "1756-EN2TK Series B" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 5.008", "product": { "name": "1756-EN2TK Series C: \u003c= 5.008", "product_id": "CSAFPID-0012" } } ], "category": "product_name", "name": "1756-EN2TK Series C" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 5.028", "product": { "name": "1756-EN2TK Series C: \u003c= 5.028", "product_id": "CSAFPID-0013" } } ], "category": "product_name", "name": "1756-EN2TK Series C" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 11.003", "product": { "name": "1756-EN2TK Series D: \u003c= 11.003", "product_id": "CSAFPID-0014" } } ], "category": "product_name", "name": "1756-EN2TK Series D" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 5.008", "product": { "name": "1756-EN2TXT Series A: \u003c= 5.008", "product_id": "CSAFPID-0015" } } ], "category": "product_name", "name": "1756-EN2TXT Series A" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 5.028", "product": { "name": "1756-EN2TXT Series A: \u003c= 5.028", "product_id": "CSAFPID-0016" } } ], "category": "product_name", "name": "1756-EN2TXT Series A" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 5.008", "product": { "name": "1756-EN2TXT Series B: \u003c= 5.008", "product_id": "CSAFPID-0017" } } ], "category": "product_name", "name": "1756-EN2TXT Series B" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 5.028", "product": { "name": "1756-EN2TXT Series B: \u003c= 5.028", "product_id": "CSAFPID-0018" } } ], "category": "product_name", "name": "1756-EN2TXT 
Series B" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 5.008", "product": { "name": "1756-EN2TXT Series C: \u003c= 5.008", "product_id": "CSAFPID-0019" } } ], "category": "product_name", "name": "1756-EN2TXT Series C" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 5.028", "product": { "name": "1756-EN2TXT Series C: \u003c= 5.028", "product_id": "CSAFPID-0020" } } ], "category": "product_name", "name": "1756-EN2TXT Series C" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 11.003", "product": { "name": "1756-EN2TXT Series D: \u003c= 11.003", "product_id": "CSAFPID-0021" } } ], "category": "product_name", "name": "1756-EN2TXT Series D" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 11.003", "product": { "name": "1756-EN2TP Series A: \u003c= 11.003", "product_id": "CSAFPID-0022" } } ], "category": "product_name", "name": "1756-EN2TP Series A" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 11.003", "product": { "name": "1756-EN2TPK Series A: \u003c= 11.003", "product_id": "CSAFPID-0023" } } ], "category": "product_name", "name": "1756-EN2TPK Series A" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 11.003", "product": { "name": "1756-EN2TPXT Series A: \u003c= 11.003", "product_id": "CSAFPID-0024" } } ], "category": "product_name", "name": "1756-EN2TPXT Series A" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 5.008", "product": { "name": "1756-EN2TR Series A: \u003c= 5.008", "product_id": "CSAFPID-0025" } } ], "category": "product_name", "name": "1756-EN2TR Series A" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 5.028", "product": { "name": "1756-EN2TR Series A: \u003c= 5.028", "product_id": "CSAFPID-0026" } } ], "category": "product_name", "name": "1756-EN2TR Series A" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 
5.008", "product": { "name": "1756-EN2TR Series B: \u003c= 5.008", "product_id": "CSAFPID-0027" } } ], "category": "product_name", "name": "1756-EN2TR Series B" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 5.028", "product": { "name": "1756-EN2TR Series B: \u003c= 5.028", "product_id": "CSAFPID-0028" } } ], "category": "product_name", "name": "1756-EN2TR Series B" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 11.003", "product": { "name": "1756-EN2TR Series C: \u003c= 11.003", "product_id": "CSAFPID-0029" } } ], "category": "product_name", "name": "1756-EN2TR Series C" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 5.008", "product": { "name": "1756-EN2TRK Series A: \u003c= 5.008", "product_id": "CSAFPID-0030" } } ], "category": "product_name", "name": "1756-EN2TRK Series A" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 5.028", "product": { "name": "1756-EN2TRK Series A: \u003c= 5.028", "product_id": "CSAFPID-0031" } } ], "category": "product_name", "name": "1756-EN2TRK Series A" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 5.008", "product": { "name": "1756-EN2TRK Series B: \u003c= 5.008", "product_id": "CSAFPID-0032" } } ], "category": "product_name", "name": "1756-EN2TRK Series B" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 5.028", "product": { "name": "1756-EN2TRK Series B: \u003c= 5.028", "product_id": "CSAFPID-0033" } } ], "category": "product_name", "name": "1756-EN2TRK Series B" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 11.003", "product": { "name": "1756-EN2TRK Series C: \u003c= 11.003", "product_id": "CSAFPID-0034" } } ], "category": "product_name", "name": "1756-EN2TRK Series C" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 5.008", "product": { "name": "1756-EN2TRXT Series A: \u003c= 5.008", "product_id": "CSAFPID-0035" 
} } ], "category": "product_name", "name": "1756-EN2TRXT Series A" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 5.028", "product": { "name": "1756-EN2TRXT Series A: \u003c= 5.028", "product_id": "CSAFPID-0036" } } ], "category": "product_name", "name": "1756-EN2TRXT Series A" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 5.008", "product": { "name": "1756-EN2TRXT Series B: \u003c= 5.008", "product_id": "CSAFPID-0037" } } ], "category": "product_name", "name": "1756-EN2TRXT Series B" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 5.028", "product": { "name": "1756-EN2TRXT Series B: \u003c= 5.028", "product_id": "CSAFPID-0038" } } ], "category": "product_name", "name": "1756-EN2TRXT Series B" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 11.003", "product": { "name": "1756-EN2TRXT Series C: \u003c= 11.003", "product_id": "CSAFPID-0039" } } ], "category": "product_name", "name": "1756-EN2TRXT Series C" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 5.008", "product": { "name": "1756-EN2F Series A: \u003c= 5.008", "product_id": "CSAFPID-0040" } } ], "category": "product_name", "name": "1756-EN2F Series A" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 5.028", "product": { "name": "1756-EN2F Series A: \u003c= 5.028", "product_id": "CSAFPID-0041" } } ], "category": "product_name", "name": "1756-EN2F Series A" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 5.008", "product": { "name": "1756-EN2F Series B: \u003c= 5.008", "product_id": "CSAFPID-0042" } } ], "category": "product_name", "name": "1756-EN2F Series B" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 5.028", "product": { "name": "1756-EN2F Series B: \u003c= 5.028", "product_id": "CSAFPID-0043" } } ], "category": "product_name", "name": "1756-EN2F Series B" }, { "branches": [ { "category": 
"product_version_range", "name": "\u003c= 11.003", "product": { "name": "1756-EN2F Series C: \u003c= 11.003", "product_id": "CSAFPID-0044" } } ], "category": "product_name", "name": "1756-EN2F Series C" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 5.008", "product": { "name": "1756-EN2FK Series A: \u003c= 5.008", "product_id": "CSAFPID-0045" } } ], "category": "product_name", "name": "1756-EN2FK Series A" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 5.028", "product": { "name": "1756-EN2FK Series A: \u003c= 5.028", "product_id": "CSAFPID-0046" } } ], "category": "product_name", "name": "1756-EN2FK Series A" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 5.008", "product": { "name": "1756-EN2FK Series B: \u003c= 5.008", "product_id": "CSAFPID-0047" } } ], "category": "product_name", "name": "1756-EN2FK Series B" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 5.028", "product": { "name": "1756-EN2FK Series B: \u003c= 5.028", "product_id": "CSAFPID-0048" } } ], "category": "product_name", "name": "1756-EN2FK Series B" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 11.003", "product": { "name": "1756-EN2FK Series C: \u003c= 11.003", "product_id": "CSAFPID-0049" } } ], "category": "product_name", "name": "1756-EN2FK Series C" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 5.008", "product": { "name": "1756-EN3TR Series A: \u003c= 5.008", "product_id": "CSAFPID-0050" } } ], "category": "product_name", "name": "1756-EN3TR Series A" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 5.028", "product": { "name": "1756-EN3TR Series A: \u003c= 5.028", "product_id": "CSAFPID-0051" } } ], "category": "product_name", "name": "1756-EN3TR Series A" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 11.003", "product": { "name": "1756-EN3TR Series B: \u003c= 
11.003", "product_id": "CSAFPID-0052" } } ], "category": "product_name", "name": "1756-EN3TR Series B" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 5.008", "product": { "name": "1756-EN3TRK Series A: \u003c= 5.008", "product_id": "CSAFPID-0053" } } ], "category": "product_name", "name": "1756-EN3TRK Series A" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 5.028", "product": { "name": "1756-EN3TRK Series A: \u003c= 5.028", "product_id": "CSAFPID-0054" } } ], "category": "product_name", "name": "1756-EN3TRK Series A" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 11.003", "product": { "name": "1756-EN3TRK Series B: \u003c= 11.003", "product_id": "CSAFPID-0055" } } ], "category": "product_name", "name": "1756-EN3TRK Series B" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 5.001", "product": { "name": "1756-EN4TR Series A: \u003c= 5.001", "product_id": "CSAFPID-0056" } } ], "category": "product_name", "name": "1756-EN4TR Series A" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 5.001", "product": { "name": "1756-EN4TRK Series A: \u003c= 5.001", "product_id": "CSAFPID-0057" } } ], "category": "product_name", "name": "1756-EN4TRK Series A" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 5.001", "product": { "name": "1756-EN4TRXT Series A: \u003c= 5.001", "product_id": "CSAFPID-0058" } } ], "category": "product_name", "name": "1756-EN4TRXT Series A" } ], "category": "vendor", "name": "Rockwell Automation " } ] }, "vulnerabilities": [ { "cve": "CVE-2023-3595", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "Where this vulnerability exists in the 1756 EN2* and 1756 EN3* products, it could allow a malicious user to perform remote code execution with persistence on the target system through maliciously crafted CIP messages. 
This includes the ability to modify, deny, and exfiltrate data passing through the device. ", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010", "CSAFPID-0011", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", "CSAFPID-0027", "CSAFPID-0028", "CSAFPID-0029", "CSAFPID-0030", "CSAFPID-0031", "CSAFPID-0032", "CSAFPID-0033", "CSAFPID-0034", "CSAFPID-0035", "CSAFPID-0036", "CSAFPID-0037", "CSAFPID-0038", "CSAFPID-0039", "CSAFPID-0040", "CSAFPID-0041", "CSAFPID-0042", "CSAFPID-0043", "CSAFPID-0044", "CSAFPID-0045", "CSAFPID-0046", "CSAFPID-0047", "CSAFPID-0048", "CSAFPID-0049", "CSAFPID-0050", "CSAFPID-0051", "CSAFPID-0052", "CSAFPID-0053", "CSAFPID-0054", "CSAFPID-0055", "CSAFPID-0056", "CSAFPID-0057", "CSAFPID-0058" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3595" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Rockwell Automation has released the following versions to fix these vulnerabilities and can be addressed by performing a standard firmware update. 
Customers are strongly encouraged to implement the risk mitigations provided below and to the extent possible, to combine these with the security best practices to employ multiple strategies simultaneously.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010", "CSAFPID-0011", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", "CSAFPID-0027", "CSAFPID-0028", "CSAFPID-0029", "CSAFPID-0030", "CSAFPID-0031", "CSAFPID-0032", "CSAFPID-0033", "CSAFPID-0034", "CSAFPID-0035", "CSAFPID-0036", "CSAFPID-0037", "CSAFPID-0038", "CSAFPID-0039", "CSAFPID-0040", "CSAFPID-0041", "CSAFPID-0042", "CSAFPID-0043", "CSAFPID-0044", "CSAFPID-0045", "CSAFPID-0046", "CSAFPID-0047", "CSAFPID-0048", "CSAFPID-0049", "CSAFPID-0050", "CSAFPID-0051", "CSAFPID-0052", "CSAFPID-0053", "CSAFPID-0054", "CSAFPID-0055", "CSAFPID-0056", "CSAFPID-0057", "CSAFPID-0058" ], "url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight" }, { "category": "vendor_fix", "details": "1756-EN2T Series A: Update to 5.029 or later signed versions (**recommended). Update to 5.009 for unsigned versions", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ] }, { "category": "vendor_fix", "details": "1756-EN2T Series B: Update to 5.029 or later signed versions (**recommended). Update to 5.009 for unsigned versions", "product_ids": [ "CSAFPID-0003", "CSAFPID-0004" ] }, { "category": "vendor_fix", "details": "1756-EN2T Series C: Update to 5.029 or later signed versions (**recommended). 
Update to 5.009 for unsigned versions", "product_ids": [ "CSAFPID-0005", "CSAFPID-0006" ] }, { "category": "vendor_fix", "details": "1756-EN2T Series D: Update to 11.004 or later", "product_ids": [ "CSAFPID-0007" ] }, { "category": "vendor_fix", "details": "1756-EN2TK Series A: Update to 5.029 or later signed versions (**recommended). Update to 5.009 for unsigned versions", "product_ids": [ "CSAFPID-0008", "CSAFPID-0009" ] }, { "category": "vendor_fix", "details": "1756-EN2TK Series B: Update to 5.029 or later signed versions (**recommended). Update to 5.009 for unsigned versions", "product_ids": [ "CSAFPID-0010", "CSAFPID-0011" ] }, { "category": "vendor_fix", "details": "1756-EN2TK Series C: Update to 5.029 or later signed versions (**recommended). Update to 5.009 for unsigned versions", "product_ids": [ "CSAFPID-0012", "CSAFPID-0013" ] }, { "category": "vendor_fix", "details": "1756-EN2TK Series D: Update to 11.004 or later", "product_ids": [ "CSAFPID-0014" ] }, { "category": "vendor_fix", "details": "1756-EN2TXT Series A: Update to 5.029 or later signed versions (**recommended). Update to 5.009 for unsigned versions", "product_ids": [ "CSAFPID-0015", "CSAFPID-0016" ] }, { "category": "vendor_fix", "details": "1756-EN2TXT Series B: Update to 5.029 or later signed versions (**recommended). Update to 5.009 for unsigned versions", "product_ids": [ "CSAFPID-0017", "CSAFPID-0018" ] }, { "category": "vendor_fix", "details": "1756-EN2TXT Series C: Update to 5.029 or later signed versions (**recommended). 
Update to 5.009 for unsigned versions", "product_ids": [ "CSAFPID-0019", "CSAFPID-0020" ] }, { "category": "vendor_fix", "details": "1756-EN2TXT Series D: Update to 11.004 or later", "product_ids": [ "CSAFPID-0021" ] }, { "category": "vendor_fix", "details": "1756-EN2TP Series A: Update to 11.004 or later", "product_ids": [ "CSAFPID-0022" ] }, { "category": "vendor_fix", "details": "1756-EN2TPK Series A: Update to 11.004 or later", "product_ids": [ "CSAFPID-0023" ] }, { "category": "vendor_fix", "details": "1756-EN2TPXT Series A: Update to 11.004 or later", "product_ids": [ "CSAFPID-0024" ] }, { "category": "vendor_fix", "details": "1756-EN2TR Series A: Update to 5.029 or later for signed versions (**recommended). Update to 5.009 for unsigned versions", "product_ids": [ "CSAFPID-0025", "CSAFPID-0026" ] }, { "category": "vendor_fix", "details": "1756-EN2TR Series B: Update to 5.029 or later for signed versions (**recommended). Update to 5.009 for unsigned versions", "product_ids": [ "CSAFPID-0027", "CSAFPID-0028" ] }, { "category": "vendor_fix", "details": "1756-EN2TR Series C: Update to 11.004 or later", "product_ids": [ "CSAFPID-0029" ] }, { "category": "vendor_fix", "details": "1756-EN2TRK Series A: Update to 5.029 or later for signed versions (**recommended). Update to 5.009 for unsigned versions", "product_ids": [ "CSAFPID-0030", "CSAFPID-0031" ] }, { "category": "vendor_fix", "details": "1756-EN2TRK Series B: Update to 5.029 or later for signed versions (**recommended). Update to 5.009 for unsigned versions", "product_ids": [ "CSAFPID-0032", "CSAFPID-0033" ] }, { "category": "vendor_fix", "details": "1756-EN2TRK Series C: Update to 11.004 or later", "product_ids": [ "CSAFPID-0034" ] }, { "category": "vendor_fix", "details": "1756-EN2TRXT Series A: Update to 5.029 or later for signed versions (**recommended). 
Update to 5.009 for unsigned versions", "product_ids": [ "CSAFPID-0035", "CSAFPID-0036" ] }, { "category": "vendor_fix", "details": "1756-EN2TRXT Series B: Update to 5.029 or later for signed versions (**recommended). Update to 5.009 for unsigned versions", "product_ids": [ "CSAFPID-0037", "CSAFPID-0038" ] }, { "category": "vendor_fix", "details": "1756-EN2TRXT Series C: Update to 11.004 or later", "product_ids": [ "CSAFPID-0039" ] }, { "category": "vendor_fix", "details": "1756-EN2F Series A: Update to 5.029 or later for signed versions (**recommended). Update to 5.009 for unsigned versions", "product_ids": [ "CSAFPID-0040", "CSAFPID-0041" ] }, { "category": "vendor_fix", "details": "1756-EN2F Series B: Update to 5.029 or later for signed versions (**recommended). Update to 5.009 for unsigned versions", "product_ids": [ "CSAFPID-0042", "CSAFPID-0043" ] }, { "category": "vendor_fix", "details": "1756-EN2F Series C: Update to 11.004 or later", "product_ids": [ "CSAFPID-0044" ] }, { "category": "vendor_fix", "details": "1756-EN2FK Series A: Update to 5.029 or later for signed versions (**recommended). Update to 5.009 for unsigned versions", "product_ids": [ "CSAFPID-0045", "CSAFPID-0046" ] }, { "category": "vendor_fix", "details": "1756-EN2FK Series B: Update to 5.029 or later for signed versions (**recommended). Update to 5.009 for unsigned versions", "product_ids": [ "CSAFPID-0047", "CSAFPID-0048" ] }, { "category": "vendor_fix", "details": "1756-EN2FK Series C: Update to 11.004 or later", "product_ids": [ "CSAFPID-0049" ] }, { "category": "vendor_fix", "details": "1756-EN3TR Series A: Update to 5.029 or later for signed versions (**recommended). 
Update to 5.009 for unsigned versions", "product_ids": [ "CSAFPID-0050", "CSAFPID-0051" ] }, { "category": "vendor_fix", "details": "1756-EN3TR Series B: Update to 11.004 or later", "product_ids": [ "CSAFPID-0052" ] }, { "category": "vendor_fix", "details": "1756-EN3TRK Series A: Update to 5.029 or later for signed versions (**recommended). Update to 5.009 for unsigned versions", "product_ids": [ "CSAFPID-0053", "CSAFPID-0054" ] }, { "category": "vendor_fix", "details": "1756-EN3TRK Series B: Update to 11.004 or later", "product_ids": [ "CSAFPID-0055" ] }, { "category": "vendor_fix", "details": "1756-EN4TR Series A: Update to 5.002 or later", "product_ids": [ "CSAFPID-0056" ] }, { "category": "vendor_fix", "details": "1756-EN4TRK Series A: Update to 5.002 or later", "product_ids": [ "CSAFPID-0057" ] }, { "category": "vendor_fix", "details": "1756-EN4TRXT Series A: Update to 5.002 or later", "product_ids": [ "CSAFPID-0058" ] }, { "category": "mitigation", "details": "** Rockwell Automation strongly recommends updating to signed firmware if possible. 
Once the module is updated to signed firmware (example 5.008 to 5.0029), it is not possible to revert to unsigned firmware versions.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010", "CSAFPID-0011", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", "CSAFPID-0027", "CSAFPID-0028", "CSAFPID-0029", "CSAFPID-0030", "CSAFPID-0031", "CSAFPID-0032", "CSAFPID-0033", "CSAFPID-0034", "CSAFPID-0035", "CSAFPID-0036", "CSAFPID-0037", "CSAFPID-0038", "CSAFPID-0039", "CSAFPID-0040", "CSAFPID-0041", "CSAFPID-0042", "CSAFPID-0043", "CSAFPID-0044", "CSAFPID-0045", "CSAFPID-0046", "CSAFPID-0047", "CSAFPID-0048", "CSAFPID-0049", "CSAFPID-0050", "CSAFPID-0051", "CSAFPID-0052", "CSAFPID-0053", "CSAFPID-0054", "CSAFPID-0055", "CSAFPID-0056", "CSAFPID-0057", "CSAFPID-0058" ] }, { "category": "mitigation", "details": "Organizations should take the following actions to further secure ControlLogix communications modules from exploitation:", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010", "CSAFPID-0011", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", "CSAFPID-0027", "CSAFPID-0028", "CSAFPID-0029", "CSAFPID-0030", "CSAFPID-0031", "CSAFPID-0032", "CSAFPID-0033", "CSAFPID-0034", "CSAFPID-0035", "CSAFPID-0036", "CSAFPID-0037", "CSAFPID-0038", "CSAFPID-0039", "CSAFPID-0040", "CSAFPID-0041", "CSAFPID-0042", "CSAFPID-0043", "CSAFPID-0044", "CSAFPID-0045", "CSAFPID-0046", 
"CSAFPID-0047", "CSAFPID-0048", "CSAFPID-0049", "CSAFPID-0050", "CSAFPID-0051", "CSAFPID-0052", "CSAFPID-0053", "CSAFPID-0054", "CSAFPID-0055", "CSAFPID-0056", "CSAFPID-0057", "CSAFPID-0058" ] }, { "category": "mitigation", "details": "Update firmware. Update EN2 * ControlLogix communications modules to firmware revision 11.004 and update EN4 * ControlLogix communications modules to firmware revision 5.002.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010", "CSAFPID-0011", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", "CSAFPID-0027", "CSAFPID-0028", "CSAFPID-0029", "CSAFPID-0030", "CSAFPID-0031", "CSAFPID-0032", "CSAFPID-0033", "CSAFPID-0034", "CSAFPID-0035", "CSAFPID-0036", "CSAFPID-0037", "CSAFPID-0038", "CSAFPID-0039", "CSAFPID-0040", "CSAFPID-0041", "CSAFPID-0042", "CSAFPID-0043", "CSAFPID-0044", "CSAFPID-0045", "CSAFPID-0046", "CSAFPID-0047", "CSAFPID-0048", "CSAFPID-0049", "CSAFPID-0050", "CSAFPID-0051", "CSAFPID-0052", "CSAFPID-0053", "CSAFPID-0054", "CSAFPID-0055", "CSAFPID-0056", "CSAFPID-0057", "CSAFPID-0058" ] }, { "category": "mitigation", "details": "Properly segment networks. 
Given a cyber actor would require network connectivity to the communication module to exploit the vulnerability, organizations should ensure ICS/SCADA networks are properly segmented within the process structure as well as from the Internet and other non-essential networks.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010", "CSAFPID-0011", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", "CSAFPID-0027", "CSAFPID-0028", "CSAFPID-0029", "CSAFPID-0030", "CSAFPID-0031", "CSAFPID-0032", "CSAFPID-0033", "CSAFPID-0034", "CSAFPID-0035", "CSAFPID-0036", "CSAFPID-0037", "CSAFPID-0038", "CSAFPID-0039", "CSAFPID-0040", "CSAFPID-0041", "CSAFPID-0042", "CSAFPID-0043", "CSAFPID-0044", "CSAFPID-0045", "CSAFPID-0046", "CSAFPID-0047", "CSAFPID-0048", "CSAFPID-0049", "CSAFPID-0050", "CSAFPID-0051", "CSAFPID-0052", "CSAFPID-0053", "CSAFPID-0054", "CSAFPID-0055", "CSAFPID-0056", "CSAFPID-0057", "CSAFPID-0058" ] }, { "category": "mitigation", "details": "Implement detection signatures. 
Use appended Snort signatures to monitor and detect anomalous Common Industrial Protocol (CIP) packets to Rockwell Automation devices.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010", "CSAFPID-0011", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", "CSAFPID-0027", "CSAFPID-0028", "CSAFPID-0029", "CSAFPID-0030", "CSAFPID-0031", "CSAFPID-0032", "CSAFPID-0033", "CSAFPID-0034", "CSAFPID-0035", "CSAFPID-0036", "CSAFPID-0037", "CSAFPID-0038", "CSAFPID-0039", "CSAFPID-0040", "CSAFPID-0041", "CSAFPID-0042", "CSAFPID-0043", "CSAFPID-0044", "CSAFPID-0045", "CSAFPID-0046", "CSAFPID-0047", "CSAFPID-0048", "CSAFPID-0049", "CSAFPID-0050", "CSAFPID-0051", "CSAFPID-0052", "CSAFPID-0053", "CSAFPID-0054", "CSAFPID-0055", "CSAFPID-0056", "CSAFPID-0057", "CSAFPID-0058" ] }, { "category": "mitigation", "details": "For more information and to see Rockwell\u0027s detection rules, see Rockwell Automation\u0027s Security Advisory.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010", "CSAFPID-0011", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", "CSAFPID-0027", "CSAFPID-0028", "CSAFPID-0029", "CSAFPID-0030", "CSAFPID-0031", "CSAFPID-0032", "CSAFPID-0033", "CSAFPID-0034", "CSAFPID-0035", "CSAFPID-0036", "CSAFPID-0037", "CSAFPID-0038", "CSAFPID-0039", "CSAFPID-0040", "CSAFPID-0041", "CSAFPID-0042", "CSAFPID-0043", "CSAFPID-0044", "CSAFPID-0045", "CSAFPID-0046", 
"CSAFPID-0047", "CSAFPID-0048", "CSAFPID-0049", "CSAFPID-0050", "CSAFPID-0051", "CSAFPID-0052", "CSAFPID-0053", "CSAFPID-0054", "CSAFPID-0055", "CSAFPID-0056", "CSAFPID-0057", "CSAFPID-0058" ], "url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1140010" } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010", "CSAFPID-0011", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", "CSAFPID-0027", "CSAFPID-0028", "CSAFPID-0029", "CSAFPID-0030", "CSAFPID-0031", "CSAFPID-0032", "CSAFPID-0033", "CSAFPID-0034", "CSAFPID-0035", "CSAFPID-0036", "CSAFPID-0037", "CSAFPID-0038", "CSAFPID-0039", "CSAFPID-0040", "CSAFPID-0041", "CSAFPID-0042", "CSAFPID-0043", "CSAFPID-0044", "CSAFPID-0045", "CSAFPID-0046", "CSAFPID-0047", "CSAFPID-0048", "CSAFPID-0049", "CSAFPID-0050", "CSAFPID-0051", "CSAFPID-0052", "CSAFPID-0053", "CSAFPID-0054", "CSAFPID-0055", "CSAFPID-0056", "CSAFPID-0057", "CSAFPID-0058" ] } ] }, { "cve": "CVE-2023-3596", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "Where this vulnerability exists in the 1756-EN4* products, it could allow a malicious user to cause a denial-of-service condition by asserting the target system through maliciously crafted CIP messages. 
", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010", "CSAFPID-0011", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", "CSAFPID-0027", "CSAFPID-0028", "CSAFPID-0029", "CSAFPID-0030", "CSAFPID-0031", "CSAFPID-0032", "CSAFPID-0033", "CSAFPID-0034", "CSAFPID-0035", "CSAFPID-0036", "CSAFPID-0037", "CSAFPID-0038", "CSAFPID-0039", "CSAFPID-0040", "CSAFPID-0041", "CSAFPID-0042", "CSAFPID-0043", "CSAFPID-0044", "CSAFPID-0045", "CSAFPID-0046", "CSAFPID-0047", "CSAFPID-0048", "CSAFPID-0049", "CSAFPID-0050", "CSAFPID-0051", "CSAFPID-0052", "CSAFPID-0053", "CSAFPID-0054", "CSAFPID-0055", "CSAFPID-0056", "CSAFPID-0057", "CSAFPID-0058" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3596" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Rockwell Automation has released the following versions to fix these vulnerabilities and can be addressed by performing a standard firmware update. 
Customers are strongly encouraged to implement the risk mitigations provided below and to the extent possible, to combine these with the security best practices to employ multiple strategies simultaneously.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010", "CSAFPID-0011", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", "CSAFPID-0027", "CSAFPID-0028", "CSAFPID-0029", "CSAFPID-0030", "CSAFPID-0031", "CSAFPID-0032", "CSAFPID-0033", "CSAFPID-0034", "CSAFPID-0035", "CSAFPID-0036", "CSAFPID-0037", "CSAFPID-0038", "CSAFPID-0039", "CSAFPID-0040", "CSAFPID-0041", "CSAFPID-0042", "CSAFPID-0043", "CSAFPID-0044", "CSAFPID-0045", "CSAFPID-0046", "CSAFPID-0047", "CSAFPID-0048", "CSAFPID-0049", "CSAFPID-0050", "CSAFPID-0051", "CSAFPID-0052", "CSAFPID-0053", "CSAFPID-0054", "CSAFPID-0055", "CSAFPID-0056", "CSAFPID-0057", "CSAFPID-0058" ], "url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight" }, { "category": "vendor_fix", "details": "1756-EN2T Series A: Update to 5.029 or later signed versions (**recommended). Update to 5.009 for unsigned versions", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ] }, { "category": "vendor_fix", "details": "1756-EN2T Series B: Update to 5.029 or later signed versions (**recommended). Update to 5.009 for unsigned versions", "product_ids": [ "CSAFPID-0003", "CSAFPID-0004" ] }, { "category": "vendor_fix", "details": "1756-EN2T Series C: Update to 5.029 or later signed versions (**recommended). 
Update to 5.009 for unsigned versions", "product_ids": [ "CSAFPID-0005", "CSAFPID-0006" ] }, { "category": "vendor_fix", "details": "1756-EN2T Series D: Update to 11.004 or later", "product_ids": [ "CSAFPID-0007" ] }, { "category": "vendor_fix", "details": "1756-EN2TK Series A: Update to 5.029 or later signed versions (**recommended). Update to 5.009 for unsigned versions", "product_ids": [ "CSAFPID-0008", "CSAFPID-0009" ] }, { "category": "vendor_fix", "details": "1756-EN2TK Series B: Update to 5.029 or later signed versions (**recommended). Update to 5.009 for unsigned versions", "product_ids": [ "CSAFPID-0010", "CSAFPID-0011" ] }, { "category": "vendor_fix", "details": "1756-EN2TK Series C: Update to 5.029 or later signed versions (**recommended). Update to 5.009 for unsigned versions", "product_ids": [ "CSAFPID-0012", "CSAFPID-0013" ] }, { "category": "vendor_fix", "details": "1756-EN2TK Series D: Update to 11.004 or later", "product_ids": [ "CSAFPID-0014" ] }, { "category": "vendor_fix", "details": "1756-EN2TXT Series A: Update to 5.029 or later signed versions (**recommended). Update to 5.009 for unsigned versions", "product_ids": [ "CSAFPID-0015", "CSAFPID-0016" ] }, { "category": "vendor_fix", "details": "1756-EN2TXT Series B: Update to 5.029 or later signed versions (**recommended). Update to 5.009 for unsigned versions", "product_ids": [ "CSAFPID-0017", "CSAFPID-0018" ] }, { "category": "vendor_fix", "details": "1756-EN2TXT Series C: Update to 5.029 or later signed versions (**recommended). 
Update to 5.009 for unsigned versions", "product_ids": [ "CSAFPID-0019", "CSAFPID-0020" ] }, { "category": "vendor_fix", "details": "1756-EN2TXT Series D: Update to 11.004 or later", "product_ids": [ "CSAFPID-0021" ] }, { "category": "vendor_fix", "details": "1756-EN2TP Series A: Update to 11.004 or later", "product_ids": [ "CSAFPID-0022" ] }, { "category": "vendor_fix", "details": "1756-EN2TPK Series A: Update to 11.004 or later", "product_ids": [ "CSAFPID-0023" ] }, { "category": "vendor_fix", "details": "1756-EN2TPXT Series A: Update to 11.004 or later", "product_ids": [ "CSAFPID-0024" ] }, { "category": "vendor_fix", "details": "1756-EN2TR Series A: Update to 5.029 or later for signed versions (**recommended). Update to 5.009 for unsigned versions", "product_ids": [ "CSAFPID-0025", "CSAFPID-0026" ] }, { "category": "vendor_fix", "details": "1756-EN2TR Series B: Update to 5.029 or later for signed versions (**recommended). Update to 5.009 for unsigned versions", "product_ids": [ "CSAFPID-0027", "CSAFPID-0028" ] }, { "category": "vendor_fix", "details": "1756-EN2TR Series C: Update to 11.004 or later", "product_ids": [ "CSAFPID-0029" ] }, { "category": "vendor_fix", "details": "1756-EN2TRK Series A: Update to 5.029 or later for signed versions (**recommended). Update to 5.009 for unsigned versions", "product_ids": [ "CSAFPID-0030", "CSAFPID-0031" ] }, { "category": "vendor_fix", "details": "1756-EN2TRK Series B: Update to 5.029 or later for signed versions (**recommended). Update to 5.009 for unsigned versions", "product_ids": [ "CSAFPID-0032", "CSAFPID-0033" ] }, { "category": "vendor_fix", "details": "1756-EN2TRK Series C: Update to 11.004 or later", "product_ids": [ "CSAFPID-0034" ] }, { "category": "vendor_fix", "details": "1756-EN2TRXT Series A: Update to 5.029 or later for signed versions (**recommended). 
Update to 5.009 for unsigned versions", "product_ids": [ "CSAFPID-0035", "CSAFPID-0036" ] }, { "category": "vendor_fix", "details": "1756-EN2TRXT Series B: Update to 5.029 or later for signed versions (**recommended). Update to 5.009 for unsigned versions", "product_ids": [ "CSAFPID-0037", "CSAFPID-0038" ] }, { "category": "vendor_fix", "details": "1756-EN2TRXT Series C: Update to 11.004 or later", "product_ids": [ "CSAFPID-0039" ] }, { "category": "vendor_fix", "details": "1756-EN2F Series A: Update to 5.029 or later for signed versions (**recommended). Update to 5.009 for unsigned versions", "product_ids": [ "CSAFPID-0040", "CSAFPID-0041" ] }, { "category": "vendor_fix", "details": "1756-EN2F Series B: Update to 5.029 or later for signed versions (**recommended). Update to 5.009 for unsigned versions", "product_ids": [ "CSAFPID-0042", "CSAFPID-0043" ] }, { "category": "vendor_fix", "details": "1756-EN2F Series C: Update to 11.004 or later", "product_ids": [ "CSAFPID-0044" ] }, { "category": "vendor_fix", "details": "1756-EN2FK Series A: Update to 5.029 or later for signed versions (**recommended). Update to 5.009 for unsigned versions", "product_ids": [ "CSAFPID-0045", "CSAFPID-0046" ] }, { "category": "vendor_fix", "details": "1756-EN2FK Series B: Update to 5.029 or later for signed versions (**recommended). Update to 5.009 for unsigned versions", "product_ids": [ "CSAFPID-0047", "CSAFPID-0048" ] }, { "category": "vendor_fix", "details": "1756-EN2FK Series C: Update to 11.004 or later", "product_ids": [ "CSAFPID-0049" ] }, { "category": "vendor_fix", "details": "1756-EN3TR Series A: Update to 5.029 or later for signed versions (**recommended). 
Update to 5.009 for unsigned versions", "product_ids": [ "CSAFPID-0050", "CSAFPID-0051" ] }, { "category": "vendor_fix", "details": "1756-EN3TR Series B: Update to 11.004 or later", "product_ids": [ "CSAFPID-0052" ] }, { "category": "vendor_fix", "details": "1756-EN3TRK Series A: Update to 5.029 or later for signed versions (**recommended). Update to 5.009 for unsigned versions", "product_ids": [ "CSAFPID-0053", "CSAFPID-0054" ] }, { "category": "vendor_fix", "details": "1756-EN3TRK Series B: Update to 11.004 or later", "product_ids": [ "CSAFPID-0055" ] }, { "category": "vendor_fix", "details": "1756-EN4TR Series A: Update to 5.002 or later", "product_ids": [ "CSAFPID-0056" ] }, { "category": "vendor_fix", "details": "1756-EN4TRK Series A: Update to 5.002 or later", "product_ids": [ "CSAFPID-0057" ] }, { "category": "vendor_fix", "details": "1756-EN4TRXT Series A: Update to 5.002 or later", "product_ids": [ "CSAFPID-0058" ] }, { "category": "mitigation", "details": "** Rockwell Automation strongly recommends updating to signed firmware if possible. 
Once the module is updated to signed firmware (example 5.008 to 5.0029), it is not possible to revert to unsigned firmware versions.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010", "CSAFPID-0011", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", "CSAFPID-0027", "CSAFPID-0028", "CSAFPID-0029", "CSAFPID-0030", "CSAFPID-0031", "CSAFPID-0032", "CSAFPID-0033", "CSAFPID-0034", "CSAFPID-0035", "CSAFPID-0036", "CSAFPID-0037", "CSAFPID-0038", "CSAFPID-0039", "CSAFPID-0040", "CSAFPID-0041", "CSAFPID-0042", "CSAFPID-0043", "CSAFPID-0044", "CSAFPID-0045", "CSAFPID-0046", "CSAFPID-0047", "CSAFPID-0048", "CSAFPID-0049", "CSAFPID-0050", "CSAFPID-0051", "CSAFPID-0052", "CSAFPID-0053", "CSAFPID-0054", "CSAFPID-0055", "CSAFPID-0056", "CSAFPID-0057", "CSAFPID-0058" ] }, { "category": "mitigation", "details": "Organizations should take the following actions to further secure ControlLogix communications modules from exploitation:", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010", "CSAFPID-0011", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", "CSAFPID-0027", "CSAFPID-0028", "CSAFPID-0029", "CSAFPID-0030", "CSAFPID-0031", "CSAFPID-0032", "CSAFPID-0033", "CSAFPID-0034", "CSAFPID-0035", "CSAFPID-0036", "CSAFPID-0037", "CSAFPID-0038", "CSAFPID-0039", "CSAFPID-0040", "CSAFPID-0041", "CSAFPID-0042", "CSAFPID-0043", "CSAFPID-0044", "CSAFPID-0045", "CSAFPID-0046", 
"CSAFPID-0047", "CSAFPID-0048", "CSAFPID-0049", "CSAFPID-0050", "CSAFPID-0051", "CSAFPID-0052", "CSAFPID-0053", "CSAFPID-0054", "CSAFPID-0055", "CSAFPID-0056", "CSAFPID-0057", "CSAFPID-0058" ] }, { "category": "mitigation", "details": "Update firmware. Update EN2 * ControlLogix communications modules to firmware revision 11.004 and update EN4 * ControlLogix communications modules to firmware revision 5.002.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010", "CSAFPID-0011", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", "CSAFPID-0027", "CSAFPID-0028", "CSAFPID-0029", "CSAFPID-0030", "CSAFPID-0031", "CSAFPID-0032", "CSAFPID-0033", "CSAFPID-0034", "CSAFPID-0035", "CSAFPID-0036", "CSAFPID-0037", "CSAFPID-0038", "CSAFPID-0039", "CSAFPID-0040", "CSAFPID-0041", "CSAFPID-0042", "CSAFPID-0043", "CSAFPID-0044", "CSAFPID-0045", "CSAFPID-0046", "CSAFPID-0047", "CSAFPID-0048", "CSAFPID-0049", "CSAFPID-0050", "CSAFPID-0051", "CSAFPID-0052", "CSAFPID-0053", "CSAFPID-0054", "CSAFPID-0055", "CSAFPID-0056", "CSAFPID-0057", "CSAFPID-0058" ] }, { "category": "mitigation", "details": "Properly segment networks. 
Given a cyber actor would require network connectivity to the communication module to exploit the vulnerability, organizations should ensure ICS/SCADA networks are properly segmented within the process structure as well as from the Internet and other non-essential networks.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010", "CSAFPID-0011", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", "CSAFPID-0027", "CSAFPID-0028", "CSAFPID-0029", "CSAFPID-0030", "CSAFPID-0031", "CSAFPID-0032", "CSAFPID-0033", "CSAFPID-0034", "CSAFPID-0035", "CSAFPID-0036", "CSAFPID-0037", "CSAFPID-0038", "CSAFPID-0039", "CSAFPID-0040", "CSAFPID-0041", "CSAFPID-0042", "CSAFPID-0043", "CSAFPID-0044", "CSAFPID-0045", "CSAFPID-0046", "CSAFPID-0047", "CSAFPID-0048", "CSAFPID-0049", "CSAFPID-0050", "CSAFPID-0051", "CSAFPID-0052", "CSAFPID-0053", "CSAFPID-0054", "CSAFPID-0055", "CSAFPID-0056", "CSAFPID-0057", "CSAFPID-0058" ] }, { "category": "mitigation", "details": "Implement detection signatures. 
Use appended Snort signatures to monitor and detect anomalous Common Industrial Protocol (CIP) packets to Rockwell Automation devices.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010", "CSAFPID-0011", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", "CSAFPID-0027", "CSAFPID-0028", "CSAFPID-0029", "CSAFPID-0030", "CSAFPID-0031", "CSAFPID-0032", "CSAFPID-0033", "CSAFPID-0034", "CSAFPID-0035", "CSAFPID-0036", "CSAFPID-0037", "CSAFPID-0038", "CSAFPID-0039", "CSAFPID-0040", "CSAFPID-0041", "CSAFPID-0042", "CSAFPID-0043", "CSAFPID-0044", "CSAFPID-0045", "CSAFPID-0046", "CSAFPID-0047", "CSAFPID-0048", "CSAFPID-0049", "CSAFPID-0050", "CSAFPID-0051", "CSAFPID-0052", "CSAFPID-0053", "CSAFPID-0054", "CSAFPID-0055", "CSAFPID-0056", "CSAFPID-0057", "CSAFPID-0058" ] }, { "category": "mitigation", "details": "For more information and to see Rockwell\u0027s detection rules, see Rockwell Automation\u0027s Security Advisory.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010", "CSAFPID-0011", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", "CSAFPID-0027", "CSAFPID-0028", "CSAFPID-0029", "CSAFPID-0030", "CSAFPID-0031", "CSAFPID-0032", "CSAFPID-0033", "CSAFPID-0034", "CSAFPID-0035", "CSAFPID-0036", "CSAFPID-0037", "CSAFPID-0038", "CSAFPID-0039", "CSAFPID-0040", "CSAFPID-0041", "CSAFPID-0042", "CSAFPID-0043", "CSAFPID-0044", "CSAFPID-0045", "CSAFPID-0046", 
"CSAFPID-0047", "CSAFPID-0048", "CSAFPID-0049", "CSAFPID-0050", "CSAFPID-0051", "CSAFPID-0052", "CSAFPID-0053", "CSAFPID-0054", "CSAFPID-0055", "CSAFPID-0056", "CSAFPID-0057", "CSAFPID-0058" ], "url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1140010" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010", "CSAFPID-0011", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", "CSAFPID-0027", "CSAFPID-0028", "CSAFPID-0029", "CSAFPID-0030", "CSAFPID-0031", "CSAFPID-0032", "CSAFPID-0033", "CSAFPID-0034", "CSAFPID-0035", "CSAFPID-0036", "CSAFPID-0037", "CSAFPID-0038", "CSAFPID-0039", "CSAFPID-0040", "CSAFPID-0041", "CSAFPID-0042", "CSAFPID-0043", "CSAFPID-0044", "CSAFPID-0045", "CSAFPID-0046", "CSAFPID-0047", "CSAFPID-0048", "CSAFPID-0049", "CSAFPID-0050", "CSAFPID-0051", "CSAFPID-0052", "CSAFPID-0053", "CSAFPID-0054", "CSAFPID-0055", "CSAFPID-0056", "CSAFPID-0057", "CSAFPID-0058" ] } ] } ] }
icsa-23-193-01
Vulnerability from csaf_cisa
Notes
{ "document": { "acknowledgments": [ { "organization": "Rockwell Automation", "summary": "reporting these vulnerabilities to CISA" } ], "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Disclosure is not limited", "tlp": { "label": "WHITE", "url": "https://us-cert.cisa.gov/tlp/" } }, "lang": "en-US", "notes": [ { "category": "general", "text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov", "title": "CISA Disclaimer" }, { "category": "legal_disclaimer", "text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.", "title": "Legal Notice" }, { "category": "summary", "text": "Successful exploitation of these vulnerabilities could allow malicious actors to gain remote access of the running memory of the module and perform malicious activity. 
", "title": "Risk evaluation" }, { "category": "other", "text": "Critical Manufacturing", "title": "Critical infrastructure sectors" }, { "category": "other", "text": "Worldwide", "title": "Countries/areas deployed" }, { "category": "other", "text": "United States", "title": "Company headquarters location" }, { "category": "general", "text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.", "title": "Recommended Practices" }, { "category": "general", "text": "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov/ics. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.", "title": "Recommended Practices" }, { "category": "general", "text": "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.", "title": "Recommended Practices" }, { "category": "general", "text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov/ics in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.", "title": "Recommended Practices" }, { "category": "general", "text": "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.", "title": "Recommended Practices" }, { "category": "general", "text": "No known public exploits specifically target these vulnerabilities.", "title": "Recommended Practices" } ], "publisher": { "category": "coordinator", "contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870", "name": "CISA", "namespace": "https://www.cisa.gov/" }, "references": [ { "category": "self", 
"summary": "ICS Advisory ICSA-23-193-01 JSON", "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2023/icsa-23-193-01.json" }, { "category": "self", "summary": "ICSA Advisory ICSA-23-193-01 - Web Version", "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-193-01" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/topics/industrial-control-systems" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01" }, { "category": "external", "summary": "Recommended Practices", "url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B" } ], "title": "Rockwell Automation Select Communication Modules", "tracking": { "current_release_date": "2023-07-12T06:00:00.000000Z", "generator": { "engine": { "name": "CISA CSAF Generator", "version": "1.0.0" } }, "id": "ICSA-23-193-01", "initial_release_date": "2023-07-12T06:00:00.000000Z", "revision_history": [ { "date": "2023-07-12T06:00:00.000000Z", "legacy_version": "Initial", "number": "1", "summary": "Initial Publication" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version_range", "name": "\u003c= 5.008", "product": { "name": "1756-EN2T Series A: \u003c= 5.008", "product_id": "CSAFPID-0001" } } ], "category": "product_name", "name": "1756-EN2T Series A" }, { 
"branches": [ { "category": "product_version_range", "name": "\u003c= 5.028", "product": { "name": "1756-EN2T Series A: \u003c= 5.028", "product_id": "CSAFPID-0002" } } ], "category": "product_name", "name": "1756-EN2T Series A" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 5.008", "product": { "name": "1756-EN2T Series B: \u003c= 5.008", "product_id": "CSAFPID-0003" } } ], "category": "product_name", "name": "1756-EN2T Series B" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 5.028", "product": { "name": "1756-EN2T Series B: \u003c= 5.028", "product_id": "CSAFPID-0004" } } ], "category": "product_name", "name": "1756-EN2T Series B" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 5.008", "product": { "name": "1756-EN2T Series C: \u003c= 5.008", "product_id": "CSAFPID-0005" } } ], "category": "product_name", "name": "1756-EN2T Series C" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 5.028", "product": { "name": "1756-EN2T Series C: \u003c= 5.028", "product_id": "CSAFPID-0006" } } ], "category": "product_name", "name": "1756-EN2T Series C" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 11.003", "product": { "name": "1756-EN2T Series D: \u003c= 11.003", "product_id": "CSAFPID-0007" } } ], "category": "product_name", "name": "1756-EN2T Series D" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 5.008", "product": { "name": "1756-EN2TK Series A: \u003c= 5.008", "product_id": "CSAFPID-0008" } } ], "category": "product_name", "name": "1756-EN2TK Series A" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 5.028", "product": { "name": "1756-EN2TK Series A: \u003c= 5.028", "product_id": "CSAFPID-0009" } } ], "category": "product_name", "name": "1756-EN2TK Series A" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 5.008", "product": { "name": "1756-EN2TK Series B: 
\u003c= 5.008", "product_id": "CSAFPID-0010" } } ], "category": "product_name", "name": "1756-EN2TK Series B" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 5.028", "product": { "name": "1756-EN2TK Series B: \u003c= 5.028", "product_id": "CSAFPID-0011" } } ], "category": "product_name", "name": "1756-EN2TK Series B" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 5.008", "product": { "name": "1756-EN2TK Series C: \u003c= 5.008", "product_id": "CSAFPID-0012" } } ], "category": "product_name", "name": "1756-EN2TK Series C" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 5.028", "product": { "name": "1756-EN2TK Series C: \u003c= 5.028", "product_id": "CSAFPID-0013" } } ], "category": "product_name", "name": "1756-EN2TK Series C" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 11.003", "product": { "name": "1756-EN2TK Series D: \u003c= 11.003", "product_id": "CSAFPID-0014" } } ], "category": "product_name", "name": "1756-EN2TK Series D" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 5.008", "product": { "name": "1756-EN2TXT Series A: \u003c= 5.008", "product_id": "CSAFPID-0015" } } ], "category": "product_name", "name": "1756-EN2TXT Series A" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 5.028", "product": { "name": "1756-EN2TXT Series A: \u003c= 5.028", "product_id": "CSAFPID-0016" } } ], "category": "product_name", "name": "1756-EN2TXT Series A" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 5.008", "product": { "name": "1756-EN2TXT Series B: \u003c= 5.008", "product_id": "CSAFPID-0017" } } ], "category": "product_name", "name": "1756-EN2TXT Series B" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 5.028", "product": { "name": "1756-EN2TXT Series B: \u003c= 5.028", "product_id": "CSAFPID-0018" } } ], "category": "product_name", "name": "1756-EN2TXT 
Series B" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 5.008", "product": { "name": "1756-EN2TXT Series C: \u003c= 5.008", "product_id": "CSAFPID-0019" } } ], "category": "product_name", "name": "1756-EN2TXT Series C" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 5.028", "product": { "name": "1756-EN2TXT Series C: \u003c= 5.028", "product_id": "CSAFPID-0020" } } ], "category": "product_name", "name": "1756-EN2TXT Series C" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 11.003", "product": { "name": "1756-EN2TXT Series D: \u003c= 11.003", "product_id": "CSAFPID-0021" } } ], "category": "product_name", "name": "1756-EN2TXT Series D" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 11.003", "product": { "name": "1756-EN2TP Series A: \u003c= 11.003", "product_id": "CSAFPID-0022" } } ], "category": "product_name", "name": "1756-EN2TP Series A" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 11.003", "product": { "name": "1756-EN2TPK Series A: \u003c= 11.003", "product_id": "CSAFPID-0023" } } ], "category": "product_name", "name": "1756-EN2TPK Series A" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 11.003", "product": { "name": "1756-EN2TPXT Series A: \u003c= 11.003", "product_id": "CSAFPID-0024" } } ], "category": "product_name", "name": "1756-EN2TPXT Series A" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 5.008", "product": { "name": "1756-EN2TR Series A: \u003c= 5.008", "product_id": "CSAFPID-0025" } } ], "category": "product_name", "name": "1756-EN2TR Series A" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 5.028", "product": { "name": "1756-EN2TR Series A: \u003c= 5.028", "product_id": "CSAFPID-0026" } } ], "category": "product_name", "name": "1756-EN2TR Series A" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 
5.008", "product": { "name": "1756-EN2TR Series B: \u003c= 5.008", "product_id": "CSAFPID-0027" } } ], "category": "product_name", "name": "1756-EN2TR Series B" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 5.028", "product": { "name": "1756-EN2TR Series B: \u003c= 5.028", "product_id": "CSAFPID-0028" } } ], "category": "product_name", "name": "1756-EN2TR Series B" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 11.003", "product": { "name": "1756-EN2TR Series C: \u003c= 11.003", "product_id": "CSAFPID-0029" } } ], "category": "product_name", "name": "1756-EN2TR Series C" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 5.008", "product": { "name": "1756-EN2TRK Series A: \u003c= 5.008", "product_id": "CSAFPID-0030" } } ], "category": "product_name", "name": "1756-EN2TRK Series A" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 5.028", "product": { "name": "1756-EN2TRK Series A: \u003c= 5.028", "product_id": "CSAFPID-0031" } } ], "category": "product_name", "name": "1756-EN2TRK Series A" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 5.008", "product": { "name": "1756-EN2TRK Series B: \u003c= 5.008", "product_id": "CSAFPID-0032" } } ], "category": "product_name", "name": "1756-EN2TRK Series B" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 5.028", "product": { "name": "1756-EN2TRK Series B: \u003c= 5.028", "product_id": "CSAFPID-0033" } } ], "category": "product_name", "name": "1756-EN2TRK Series B" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 11.003", "product": { "name": "1756-EN2TRK Series C: \u003c= 11.003", "product_id": "CSAFPID-0034" } } ], "category": "product_name", "name": "1756-EN2TRK Series C" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 5.008", "product": { "name": "1756-EN2TRXT Series A: \u003c= 5.008", "product_id": "CSAFPID-0035" 
} } ], "category": "product_name", "name": "1756-EN2TRXT Series A" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 5.028", "product": { "name": "1756-EN2TRXT Series A: \u003c= 5.028", "product_id": "CSAFPID-0036" } } ], "category": "product_name", "name": "1756-EN2TRXT Series A" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 5.008", "product": { "name": "1756-EN2TRXT Series B: \u003c= 5.008", "product_id": "CSAFPID-0037" } } ], "category": "product_name", "name": "1756-EN2TRXT Series B" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 5.028", "product": { "name": "1756-EN2TRXT Series B: \u003c= 5.028", "product_id": "CSAFPID-0038" } } ], "category": "product_name", "name": "1756-EN2TRXT Series B" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 11.003", "product": { "name": "1756-EN2TRXT Series C: \u003c= 11.003", "product_id": "CSAFPID-0039" } } ], "category": "product_name", "name": "1756-EN2TRXT Series C" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 5.008", "product": { "name": "1756-EN2F Series A: \u003c= 5.008", "product_id": "CSAFPID-0040" } } ], "category": "product_name", "name": "1756-EN2F Series A" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 5.028", "product": { "name": "1756-EN2F Series A: \u003c= 5.028", "product_id": "CSAFPID-0041" } } ], "category": "product_name", "name": "1756-EN2F Series A" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 5.008", "product": { "name": "1756-EN2F Series B: \u003c= 5.008", "product_id": "CSAFPID-0042" } } ], "category": "product_name", "name": "1756-EN2F Series B" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 5.028", "product": { "name": "1756-EN2F Series B: \u003c= 5.028", "product_id": "CSAFPID-0043" } } ], "category": "product_name", "name": "1756-EN2F Series B" }, { "branches": [ { "category": 
"product_version_range", "name": "\u003c= 11.003", "product": { "name": "1756-EN2F Series C: \u003c= 11.003", "product_id": "CSAFPID-0044" } } ], "category": "product_name", "name": "1756-EN2F Series C" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 5.008", "product": { "name": "1756-EN2FK Series A: \u003c= 5.008", "product_id": "CSAFPID-0045" } } ], "category": "product_name", "name": "1756-EN2FK Series A" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 5.028", "product": { "name": "1756-EN2FK Series A: \u003c= 5.028", "product_id": "CSAFPID-0046" } } ], "category": "product_name", "name": "1756-EN2FK Series A" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 5.008", "product": { "name": "1756-EN2FK Series B: \u003c= 5.008", "product_id": "CSAFPID-0047" } } ], "category": "product_name", "name": "1756-EN2FK Series B" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 5.028", "product": { "name": "1756-EN2FK Series B: \u003c= 5.028", "product_id": "CSAFPID-0048" } } ], "category": "product_name", "name": "1756-EN2FK Series B" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 11.003", "product": { "name": "1756-EN2FK Series C: \u003c= 11.003", "product_id": "CSAFPID-0049" } } ], "category": "product_name", "name": "1756-EN2FK Series C" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 5.008", "product": { "name": "1756-EN3TR Series A: \u003c= 5.008", "product_id": "CSAFPID-0050" } } ], "category": "product_name", "name": "1756-EN3TR Series A" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 5.028", "product": { "name": "1756-EN3TR Series A: \u003c= 5.028", "product_id": "CSAFPID-0051" } } ], "category": "product_name", "name": "1756-EN3TR Series A" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 11.003", "product": { "name": "1756-EN3TR Series B: \u003c= 
11.003", "product_id": "CSAFPID-0052" } } ], "category": "product_name", "name": "1756-EN3TR Series B" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 5.008", "product": { "name": "1756-EN3TRK Series A: \u003c= 5.008", "product_id": "CSAFPID-0053" } } ], "category": "product_name", "name": "1756-EN3TRK Series A" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 5.028", "product": { "name": "1756-EN3TRK Series A: \u003c= 5.028", "product_id": "CSAFPID-0054" } } ], "category": "product_name", "name": "1756-EN3TRK Series A" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 11.003", "product": { "name": "1756-EN3TRK Series B: \u003c= 11.003", "product_id": "CSAFPID-0055" } } ], "category": "product_name", "name": "1756-EN3TRK Series B" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 5.001", "product": { "name": "1756-EN4TR Series A: \u003c= 5.001", "product_id": "CSAFPID-0056" } } ], "category": "product_name", "name": "1756-EN4TR Series A" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 5.001", "product": { "name": "1756-EN4TRK Series A: \u003c= 5.001", "product_id": "CSAFPID-0057" } } ], "category": "product_name", "name": "1756-EN4TRK Series A" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 5.001", "product": { "name": "1756-EN4TRXT Series A: \u003c= 5.001", "product_id": "CSAFPID-0058" } } ], "category": "product_name", "name": "1756-EN4TRXT Series A" } ], "category": "vendor", "name": "Rockwell Automation " } ] }, "vulnerabilities": [ { "cve": "CVE-2023-3595", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "Where this vulnerability exists in the 1756 EN2* and 1756 EN3* products, it could allow a malicious user to perform remote code execution with persistence on the target system through maliciously crafted CIP messages. 
This includes the ability to modify, deny, and exfiltrate data passing through the device. ", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010", "CSAFPID-0011", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", "CSAFPID-0027", "CSAFPID-0028", "CSAFPID-0029", "CSAFPID-0030", "CSAFPID-0031", "CSAFPID-0032", "CSAFPID-0033", "CSAFPID-0034", "CSAFPID-0035", "CSAFPID-0036", "CSAFPID-0037", "CSAFPID-0038", "CSAFPID-0039", "CSAFPID-0040", "CSAFPID-0041", "CSAFPID-0042", "CSAFPID-0043", "CSAFPID-0044", "CSAFPID-0045", "CSAFPID-0046", "CSAFPID-0047", "CSAFPID-0048", "CSAFPID-0049", "CSAFPID-0050", "CSAFPID-0051", "CSAFPID-0052", "CSAFPID-0053", "CSAFPID-0054", "CSAFPID-0055", "CSAFPID-0056", "CSAFPID-0057", "CSAFPID-0058" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3595" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Rockwell Automation has released the following versions to fix these vulnerabilities and can be addressed by performing a standard firmware update. 
Customers are strongly encouraged to implement the risk mitigations provided below and to the extent possible, to combine these with the security best practices to employ multiple strategies simultaneously.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010", "CSAFPID-0011", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", "CSAFPID-0027", "CSAFPID-0028", "CSAFPID-0029", "CSAFPID-0030", "CSAFPID-0031", "CSAFPID-0032", "CSAFPID-0033", "CSAFPID-0034", "CSAFPID-0035", "CSAFPID-0036", "CSAFPID-0037", "CSAFPID-0038", "CSAFPID-0039", "CSAFPID-0040", "CSAFPID-0041", "CSAFPID-0042", "CSAFPID-0043", "CSAFPID-0044", "CSAFPID-0045", "CSAFPID-0046", "CSAFPID-0047", "CSAFPID-0048", "CSAFPID-0049", "CSAFPID-0050", "CSAFPID-0051", "CSAFPID-0052", "CSAFPID-0053", "CSAFPID-0054", "CSAFPID-0055", "CSAFPID-0056", "CSAFPID-0057", "CSAFPID-0058" ], "url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight" }, { "category": "vendor_fix", "details": "1756-EN2T Series A: Update to 5.029 or later signed versions (**recommended). Update to 5.009 for unsigned versions", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ] }, { "category": "vendor_fix", "details": "1756-EN2T Series B: Update to 5.029 or later signed versions (**recommended). Update to 5.009 for unsigned versions", "product_ids": [ "CSAFPID-0003", "CSAFPID-0004" ] }, { "category": "vendor_fix", "details": "1756-EN2T Series C: Update to 5.029 or later signed versions (**recommended). 
Update to 5.009 for unsigned versions", "product_ids": [ "CSAFPID-0005", "CSAFPID-0006" ] }, { "category": "vendor_fix", "details": "1756-EN2T Series D: Update to 11.004 or later", "product_ids": [ "CSAFPID-0007" ] }, { "category": "vendor_fix", "details": "1756-EN2TK Series A: Update to 5.029 or later signed versions (**recommended). Update to 5.009 for unsigned versions", "product_ids": [ "CSAFPID-0008", "CSAFPID-0009" ] }, { "category": "vendor_fix", "details": "1756-EN2TK Series B: Update to 5.029 or later signed versions (**recommended). Update to 5.009 for unsigned versions", "product_ids": [ "CSAFPID-0010", "CSAFPID-0011" ] }, { "category": "vendor_fix", "details": "1756-EN2TK Series C: Update to 5.029 or later signed versions (**recommended). Update to 5.009 for unsigned versions", "product_ids": [ "CSAFPID-0012", "CSAFPID-0013" ] }, { "category": "vendor_fix", "details": "1756-EN2TK Series D: Update to 11.004 or later", "product_ids": [ "CSAFPID-0014" ] }, { "category": "vendor_fix", "details": "1756-EN2TXT Series A: Update to 5.029 or later signed versions (**recommended). Update to 5.009 for unsigned versions", "product_ids": [ "CSAFPID-0015", "CSAFPID-0016" ] }, { "category": "vendor_fix", "details": "1756-EN2TXT Series B: Update to 5.029 or later signed versions (**recommended). Update to 5.009 for unsigned versions", "product_ids": [ "CSAFPID-0017", "CSAFPID-0018" ] }, { "category": "vendor_fix", "details": "1756-EN2TXT Series C: Update to 5.029 or later signed versions (**recommended). 
Update to 5.009 for unsigned versions", "product_ids": [ "CSAFPID-0019", "CSAFPID-0020" ] }, { "category": "vendor_fix", "details": "1756-EN2TXT Series D: Update to 11.004 or later", "product_ids": [ "CSAFPID-0021" ] }, { "category": "vendor_fix", "details": "1756-EN2TP Series A: Update to 11.004 or later", "product_ids": [ "CSAFPID-0022" ] }, { "category": "vendor_fix", "details": "1756-EN2TPK Series A: Update to 11.004 or later", "product_ids": [ "CSAFPID-0023" ] }, { "category": "vendor_fix", "details": "1756-EN2TPXT Series A: Update to 11.004 or later", "product_ids": [ "CSAFPID-0024" ] }, { "category": "vendor_fix", "details": "1756-EN2TR Series A: Update to 5.029 or later for signed versions (**recommended). Update to 5.009 for unsigned versions", "product_ids": [ "CSAFPID-0025", "CSAFPID-0026" ] }, { "category": "vendor_fix", "details": "1756-EN2TR Series B: Update to 5.029 or later for signed versions (**recommended). Update to 5.009 for unsigned versions", "product_ids": [ "CSAFPID-0027", "CSAFPID-0028" ] }, { "category": "vendor_fix", "details": "1756-EN2TR Series C: Update to 11.004 or later", "product_ids": [ "CSAFPID-0029" ] }, { "category": "vendor_fix", "details": "1756-EN2TRK Series A: Update to 5.029 or later for signed versions (**recommended). Update to 5.009 for unsigned versions", "product_ids": [ "CSAFPID-0030", "CSAFPID-0031" ] }, { "category": "vendor_fix", "details": "1756-EN2TRK Series B: Update to 5.029 or later for signed versions (**recommended). Update to 5.009 for unsigned versions", "product_ids": [ "CSAFPID-0032", "CSAFPID-0033" ] }, { "category": "vendor_fix", "details": "1756-EN2TRK Series C: Update to 11.004 or later", "product_ids": [ "CSAFPID-0034" ] }, { "category": "vendor_fix", "details": "1756-EN2TRXT Series A: Update to 5.029 or later for signed versions (**recommended). 
Update to 5.009 for unsigned versions", "product_ids": [ "CSAFPID-0035", "CSAFPID-0036" ] }, { "category": "vendor_fix", "details": "1756-EN2TRXT Series B: Update to 5.029 or later for signed versions (**recommended). Update to 5.009 for unsigned versions", "product_ids": [ "CSAFPID-0037", "CSAFPID-0038" ] }, { "category": "vendor_fix", "details": "1756-EN2TRXT Series C: Update to 11.004 or later", "product_ids": [ "CSAFPID-0039" ] }, { "category": "vendor_fix", "details": "1756-EN2F Series A: Update to 5.029 or later for signed versions (**recommended). Update to 5.009 for unsigned versions", "product_ids": [ "CSAFPID-0040", "CSAFPID-0041" ] }, { "category": "vendor_fix", "details": "1756-EN2F Series B: Update to 5.029 or later for signed versions (**recommended). Update to 5.009 for unsigned versions", "product_ids": [ "CSAFPID-0042", "CSAFPID-0043" ] }, { "category": "vendor_fix", "details": "1756-EN2F Series C: Update to 11.004 or later", "product_ids": [ "CSAFPID-0044" ] }, { "category": "vendor_fix", "details": "1756-EN2FK Series A: Update to 5.029 or later for signed versions (**recommended). Update to 5.009 for unsigned versions", "product_ids": [ "CSAFPID-0045", "CSAFPID-0046" ] }, { "category": "vendor_fix", "details": "1756-EN2FK Series B: Update to 5.029 or later for signed versions (**recommended). Update to 5.009 for unsigned versions", "product_ids": [ "CSAFPID-0047", "CSAFPID-0048" ] }, { "category": "vendor_fix", "details": "1756-EN2FK Series C: Update to 11.004 or later", "product_ids": [ "CSAFPID-0049" ] }, { "category": "vendor_fix", "details": "1756-EN3TR Series A: Update to 5.029 or later for signed versions (**recommended). 
Update to 5.009 for unsigned versions", "product_ids": [ "CSAFPID-0050", "CSAFPID-0051" ] }, { "category": "vendor_fix", "details": "1756-EN3TR Series B: Update to 11.004 or later", "product_ids": [ "CSAFPID-0052" ] }, { "category": "vendor_fix", "details": "1756-EN3TRK Series A: Update to 5.029 or later for signed versions (**recommended). Update to 5.009 for unsigned versions", "product_ids": [ "CSAFPID-0053", "CSAFPID-0054" ] }, { "category": "vendor_fix", "details": "1756-EN3TRK Series B: Update to 11.004 or later", "product_ids": [ "CSAFPID-0055" ] }, { "category": "vendor_fix", "details": "1756-EN4TR Series A: Update to 5.002 or later", "product_ids": [ "CSAFPID-0056" ] }, { "category": "vendor_fix", "details": "1756-EN4TRK Series A: Update to 5.002 or later", "product_ids": [ "CSAFPID-0057" ] }, { "category": "vendor_fix", "details": "1756-EN4TRXT Series A: Update to 5.002 or later", "product_ids": [ "CSAFPID-0058" ] }, { "category": "mitigation", "details": "** Rockwell Automation strongly recommends updating to signed firmware if possible. 
Once the module is updated to signed firmware (example 5.008 to 5.0029), it is not possible to revert to unsigned firmware versions.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010", "CSAFPID-0011", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", "CSAFPID-0027", "CSAFPID-0028", "CSAFPID-0029", "CSAFPID-0030", "CSAFPID-0031", "CSAFPID-0032", "CSAFPID-0033", "CSAFPID-0034", "CSAFPID-0035", "CSAFPID-0036", "CSAFPID-0037", "CSAFPID-0038", "CSAFPID-0039", "CSAFPID-0040", "CSAFPID-0041", "CSAFPID-0042", "CSAFPID-0043", "CSAFPID-0044", "CSAFPID-0045", "CSAFPID-0046", "CSAFPID-0047", "CSAFPID-0048", "CSAFPID-0049", "CSAFPID-0050", "CSAFPID-0051", "CSAFPID-0052", "CSAFPID-0053", "CSAFPID-0054", "CSAFPID-0055", "CSAFPID-0056", "CSAFPID-0057", "CSAFPID-0058" ] }, { "category": "mitigation", "details": "Organizations should take the following actions to further secure ControlLogix communications modules from exploitation:", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010", "CSAFPID-0011", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", "CSAFPID-0027", "CSAFPID-0028", "CSAFPID-0029", "CSAFPID-0030", "CSAFPID-0031", "CSAFPID-0032", "CSAFPID-0033", "CSAFPID-0034", "CSAFPID-0035", "CSAFPID-0036", "CSAFPID-0037", "CSAFPID-0038", "CSAFPID-0039", "CSAFPID-0040", "CSAFPID-0041", "CSAFPID-0042", "CSAFPID-0043", "CSAFPID-0044", "CSAFPID-0045", "CSAFPID-0046", 
"CSAFPID-0047", "CSAFPID-0048", "CSAFPID-0049", "CSAFPID-0050", "CSAFPID-0051", "CSAFPID-0052", "CSAFPID-0053", "CSAFPID-0054", "CSAFPID-0055", "CSAFPID-0056", "CSAFPID-0057", "CSAFPID-0058" ] }, { "category": "mitigation", "details": "Update firmware. Update EN2 * ControlLogix communications modules to firmware revision 11.004 and update EN4 * ControlLogix communications modules to firmware revision 5.002.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010", "CSAFPID-0011", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", "CSAFPID-0027", "CSAFPID-0028", "CSAFPID-0029", "CSAFPID-0030", "CSAFPID-0031", "CSAFPID-0032", "CSAFPID-0033", "CSAFPID-0034", "CSAFPID-0035", "CSAFPID-0036", "CSAFPID-0037", "CSAFPID-0038", "CSAFPID-0039", "CSAFPID-0040", "CSAFPID-0041", "CSAFPID-0042", "CSAFPID-0043", "CSAFPID-0044", "CSAFPID-0045", "CSAFPID-0046", "CSAFPID-0047", "CSAFPID-0048", "CSAFPID-0049", "CSAFPID-0050", "CSAFPID-0051", "CSAFPID-0052", "CSAFPID-0053", "CSAFPID-0054", "CSAFPID-0055", "CSAFPID-0056", "CSAFPID-0057", "CSAFPID-0058" ] }, { "category": "mitigation", "details": "Properly segment networks. 
Given a cyber actor would require network connectivity to the communication module to exploit the vulnerability, organizations should ensure ICS/SCADA networks are properly segmented within the process structure as well as from the Internet and other non-essential networks.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010", "CSAFPID-0011", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", "CSAFPID-0027", "CSAFPID-0028", "CSAFPID-0029", "CSAFPID-0030", "CSAFPID-0031", "CSAFPID-0032", "CSAFPID-0033", "CSAFPID-0034", "CSAFPID-0035", "CSAFPID-0036", "CSAFPID-0037", "CSAFPID-0038", "CSAFPID-0039", "CSAFPID-0040", "CSAFPID-0041", "CSAFPID-0042", "CSAFPID-0043", "CSAFPID-0044", "CSAFPID-0045", "CSAFPID-0046", "CSAFPID-0047", "CSAFPID-0048", "CSAFPID-0049", "CSAFPID-0050", "CSAFPID-0051", "CSAFPID-0052", "CSAFPID-0053", "CSAFPID-0054", "CSAFPID-0055", "CSAFPID-0056", "CSAFPID-0057", "CSAFPID-0058" ] }, { "category": "mitigation", "details": "Implement detection signatures. 
Use appended Snort signatures to monitor and detect anomalous Common Industrial Protocol (CIP) packets to Rockwell Automation devices.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010", "CSAFPID-0011", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", "CSAFPID-0027", "CSAFPID-0028", "CSAFPID-0029", "CSAFPID-0030", "CSAFPID-0031", "CSAFPID-0032", "CSAFPID-0033", "CSAFPID-0034", "CSAFPID-0035", "CSAFPID-0036", "CSAFPID-0037", "CSAFPID-0038", "CSAFPID-0039", "CSAFPID-0040", "CSAFPID-0041", "CSAFPID-0042", "CSAFPID-0043", "CSAFPID-0044", "CSAFPID-0045", "CSAFPID-0046", "CSAFPID-0047", "CSAFPID-0048", "CSAFPID-0049", "CSAFPID-0050", "CSAFPID-0051", "CSAFPID-0052", "CSAFPID-0053", "CSAFPID-0054", "CSAFPID-0055", "CSAFPID-0056", "CSAFPID-0057", "CSAFPID-0058" ] }, { "category": "mitigation", "details": "For more information and to see Rockwell\u0027s detection rules, see Rockwell Automation\u0027s Security Advisory.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010", "CSAFPID-0011", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", "CSAFPID-0027", "CSAFPID-0028", "CSAFPID-0029", "CSAFPID-0030", "CSAFPID-0031", "CSAFPID-0032", "CSAFPID-0033", "CSAFPID-0034", "CSAFPID-0035", "CSAFPID-0036", "CSAFPID-0037", "CSAFPID-0038", "CSAFPID-0039", "CSAFPID-0040", "CSAFPID-0041", "CSAFPID-0042", "CSAFPID-0043", "CSAFPID-0044", "CSAFPID-0045", "CSAFPID-0046", 
"CSAFPID-0047", "CSAFPID-0048", "CSAFPID-0049", "CSAFPID-0050", "CSAFPID-0051", "CSAFPID-0052", "CSAFPID-0053", "CSAFPID-0054", "CSAFPID-0055", "CSAFPID-0056", "CSAFPID-0057", "CSAFPID-0058" ], "url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1140010" } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010", "CSAFPID-0011", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", "CSAFPID-0027", "CSAFPID-0028", "CSAFPID-0029", "CSAFPID-0030", "CSAFPID-0031", "CSAFPID-0032", "CSAFPID-0033", "CSAFPID-0034", "CSAFPID-0035", "CSAFPID-0036", "CSAFPID-0037", "CSAFPID-0038", "CSAFPID-0039", "CSAFPID-0040", "CSAFPID-0041", "CSAFPID-0042", "CSAFPID-0043", "CSAFPID-0044", "CSAFPID-0045", "CSAFPID-0046", "CSAFPID-0047", "CSAFPID-0048", "CSAFPID-0049", "CSAFPID-0050", "CSAFPID-0051", "CSAFPID-0052", "CSAFPID-0053", "CSAFPID-0054", "CSAFPID-0055", "CSAFPID-0056", "CSAFPID-0057", "CSAFPID-0058" ] } ] }, { "cve": "CVE-2023-3596", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "Where this vulnerability exists in the 1756-EN4* products, it could allow a malicious user to cause a denial-of-service condition by asserting the target system through maliciously crafted CIP messages. 
", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010", "CSAFPID-0011", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", "CSAFPID-0027", "CSAFPID-0028", "CSAFPID-0029", "CSAFPID-0030", "CSAFPID-0031", "CSAFPID-0032", "CSAFPID-0033", "CSAFPID-0034", "CSAFPID-0035", "CSAFPID-0036", "CSAFPID-0037", "CSAFPID-0038", "CSAFPID-0039", "CSAFPID-0040", "CSAFPID-0041", "CSAFPID-0042", "CSAFPID-0043", "CSAFPID-0044", "CSAFPID-0045", "CSAFPID-0046", "CSAFPID-0047", "CSAFPID-0048", "CSAFPID-0049", "CSAFPID-0050", "CSAFPID-0051", "CSAFPID-0052", "CSAFPID-0053", "CSAFPID-0054", "CSAFPID-0055", "CSAFPID-0056", "CSAFPID-0057", "CSAFPID-0058" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3596" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Rockwell Automation has released the following versions to fix these vulnerabilities and can be addressed by performing a standard firmware update. 
Customers are strongly encouraged to implement the risk mitigations provided below and to the extent possible, to combine these with the security best practices to employ multiple strategies simultaneously.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010", "CSAFPID-0011", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", "CSAFPID-0027", "CSAFPID-0028", "CSAFPID-0029", "CSAFPID-0030", "CSAFPID-0031", "CSAFPID-0032", "CSAFPID-0033", "CSAFPID-0034", "CSAFPID-0035", "CSAFPID-0036", "CSAFPID-0037", "CSAFPID-0038", "CSAFPID-0039", "CSAFPID-0040", "CSAFPID-0041", "CSAFPID-0042", "CSAFPID-0043", "CSAFPID-0044", "CSAFPID-0045", "CSAFPID-0046", "CSAFPID-0047", "CSAFPID-0048", "CSAFPID-0049", "CSAFPID-0050", "CSAFPID-0051", "CSAFPID-0052", "CSAFPID-0053", "CSAFPID-0054", "CSAFPID-0055", "CSAFPID-0056", "CSAFPID-0057", "CSAFPID-0058" ], "url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight" }, { "category": "vendor_fix", "details": "1756-EN2T Series A: Update to 5.029 or later signed versions (**recommended). Update to 5.009 for unsigned versions", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ] }, { "category": "vendor_fix", "details": "1756-EN2T Series B: Update to 5.029 or later signed versions (**recommended). Update to 5.009 for unsigned versions", "product_ids": [ "CSAFPID-0003", "CSAFPID-0004" ] }, { "category": "vendor_fix", "details": "1756-EN2T Series C: Update to 5.029 or later signed versions (**recommended). 
Update to 5.009 for unsigned versions", "product_ids": [ "CSAFPID-0005", "CSAFPID-0006" ] }, { "category": "vendor_fix", "details": "1756-EN2T Series D: Update to 11.004 or later", "product_ids": [ "CSAFPID-0007" ] }, { "category": "vendor_fix", "details": "1756-EN2TK Series A: Update to 5.029 or later signed versions (**recommended). Update to 5.009 for unsigned versions", "product_ids": [ "CSAFPID-0008", "CSAFPID-0009" ] }, { "category": "vendor_fix", "details": "1756-EN2TK Series B: Update to 5.029 or later signed versions (**recommended). Update to 5.009 for unsigned versions", "product_ids": [ "CSAFPID-0010", "CSAFPID-0011" ] }, { "category": "vendor_fix", "details": "1756-EN2TK Series C: Update to 5.029 or later signed versions (**recommended). Update to 5.009 for unsigned versions", "product_ids": [ "CSAFPID-0012", "CSAFPID-0013" ] }, { "category": "vendor_fix", "details": "1756-EN2TK Series D: Update to 11.004 or later", "product_ids": [ "CSAFPID-0014" ] }, { "category": "vendor_fix", "details": "1756-EN2TXT Series A: Update to 5.029 or later signed versions (**recommended). Update to 5.009 for unsigned versions", "product_ids": [ "CSAFPID-0015", "CSAFPID-0016" ] }, { "category": "vendor_fix", "details": "1756-EN2TXT Series B: Update to 5.029 or later signed versions (**recommended). Update to 5.009 for unsigned versions", "product_ids": [ "CSAFPID-0017", "CSAFPID-0018" ] }, { "category": "vendor_fix", "details": "1756-EN2TXT Series C: Update to 5.029 or later signed versions (**recommended). 
Update to 5.009 for unsigned versions", "product_ids": [ "CSAFPID-0019", "CSAFPID-0020" ] }, { "category": "vendor_fix", "details": "1756-EN2TXT Series D: Update to 11.004 or later", "product_ids": [ "CSAFPID-0021" ] }, { "category": "vendor_fix", "details": "1756-EN2TP Series A: Update to 11.004 or later", "product_ids": [ "CSAFPID-0022" ] }, { "category": "vendor_fix", "details": "1756-EN2TPK Series A: Update to 11.004 or later", "product_ids": [ "CSAFPID-0023" ] }, { "category": "vendor_fix", "details": "1756-EN2TPXT Series A: Update to 11.004 or later", "product_ids": [ "CSAFPID-0024" ] }, { "category": "vendor_fix", "details": "1756-EN2TR Series A: Update to 5.029 or later for signed versions (**recommended). Update to 5.009 for unsigned versions", "product_ids": [ "CSAFPID-0025", "CSAFPID-0026" ] }, { "category": "vendor_fix", "details": "1756-EN2TR Series B: Update to 5.029 or later for signed versions (**recommended). Update to 5.009 for unsigned versions", "product_ids": [ "CSAFPID-0027", "CSAFPID-0028" ] }, { "category": "vendor_fix", "details": "1756-EN2TR Series C: Update to 11.004 or later", "product_ids": [ "CSAFPID-0029" ] }, { "category": "vendor_fix", "details": "1756-EN2TRK Series A: Update to 5.029 or later for signed versions (**recommended). Update to 5.009 for unsigned versions", "product_ids": [ "CSAFPID-0030", "CSAFPID-0031" ] }, { "category": "vendor_fix", "details": "1756-EN2TRK Series B: Update to 5.029 or later for signed versions (**recommended). Update to 5.009 for unsigned versions", "product_ids": [ "CSAFPID-0032", "CSAFPID-0033" ] }, { "category": "vendor_fix", "details": "1756-EN2TRK Series C: Update to 11.004 or later", "product_ids": [ "CSAFPID-0034" ] }, { "category": "vendor_fix", "details": "1756-EN2TRXT Series A: Update to 5.029 or later for signed versions (**recommended). 
Update to 5.009 for unsigned versions", "product_ids": [ "CSAFPID-0035", "CSAFPID-0036" ] }, { "category": "vendor_fix", "details": "1756-EN2TRXT Series B: Update to 5.029 or later for signed versions (**recommended). Update to 5.009 for unsigned versions", "product_ids": [ "CSAFPID-0037", "CSAFPID-0038" ] }, { "category": "vendor_fix", "details": "1756-EN2TRXT Series C: Update to 11.004 or later", "product_ids": [ "CSAFPID-0039" ] }, { "category": "vendor_fix", "details": "1756-EN2F Series A: Update to 5.029 or later for signed versions (**recommended). Update to 5.009 for unsigned versions", "product_ids": [ "CSAFPID-0040", "CSAFPID-0041" ] }, { "category": "vendor_fix", "details": "1756-EN2F Series B: Update to 5.029 or later for signed versions (**recommended). Update to 5.009 for unsigned versions", "product_ids": [ "CSAFPID-0042", "CSAFPID-0043" ] }, { "category": "vendor_fix", "details": "1756-EN2F Series C: Update to 11.004 or later", "product_ids": [ "CSAFPID-0044" ] }, { "category": "vendor_fix", "details": "1756-EN2FK Series A: Update to 5.029 or later for signed versions (**recommended). Update to 5.009 for unsigned versions", "product_ids": [ "CSAFPID-0045", "CSAFPID-0046" ] }, { "category": "vendor_fix", "details": "1756-EN2FK Series B: Update to 5.029 or later for signed versions (**recommended). Update to 5.009 for unsigned versions", "product_ids": [ "CSAFPID-0047", "CSAFPID-0048" ] }, { "category": "vendor_fix", "details": "1756-EN2FK Series C: Update to 11.004 or later", "product_ids": [ "CSAFPID-0049" ] }, { "category": "vendor_fix", "details": "1756-EN3TR Series A: Update to 5.029 or later for signed versions (**recommended). 
Update to 5.009 for unsigned versions", "product_ids": [ "CSAFPID-0050", "CSAFPID-0051" ] }, { "category": "vendor_fix", "details": "1756-EN3TR Series B: Update to 11.004 or later", "product_ids": [ "CSAFPID-0052" ] }, { "category": "vendor_fix", "details": "1756-EN3TRK Series A: Update to 5.029 or later for signed versions (**recommended). Update to 5.009 for unsigned versions", "product_ids": [ "CSAFPID-0053", "CSAFPID-0054" ] }, { "category": "vendor_fix", "details": "1756-EN3TRK Series B: Update to 11.004 or later", "product_ids": [ "CSAFPID-0055" ] }, { "category": "vendor_fix", "details": "1756-EN4TR Series A: Update to 5.002 or later", "product_ids": [ "CSAFPID-0056" ] }, { "category": "vendor_fix", "details": "1756-EN4TRK Series A: Update to 5.002 or later", "product_ids": [ "CSAFPID-0057" ] }, { "category": "vendor_fix", "details": "1756-EN4TRXT Series A: Update to 5.002 or later", "product_ids": [ "CSAFPID-0058" ] }, { "category": "mitigation", "details": "** Rockwell Automation strongly recommends updating to signed firmware if possible. 
Once the module is updated to signed firmware (example 5.008 to 5.0029), it is not possible to revert to unsigned firmware versions.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010", "CSAFPID-0011", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", "CSAFPID-0027", "CSAFPID-0028", "CSAFPID-0029", "CSAFPID-0030", "CSAFPID-0031", "CSAFPID-0032", "CSAFPID-0033", "CSAFPID-0034", "CSAFPID-0035", "CSAFPID-0036", "CSAFPID-0037", "CSAFPID-0038", "CSAFPID-0039", "CSAFPID-0040", "CSAFPID-0041", "CSAFPID-0042", "CSAFPID-0043", "CSAFPID-0044", "CSAFPID-0045", "CSAFPID-0046", "CSAFPID-0047", "CSAFPID-0048", "CSAFPID-0049", "CSAFPID-0050", "CSAFPID-0051", "CSAFPID-0052", "CSAFPID-0053", "CSAFPID-0054", "CSAFPID-0055", "CSAFPID-0056", "CSAFPID-0057", "CSAFPID-0058" ] }, { "category": "mitigation", "details": "Organizations should take the following actions to further secure ControlLogix communications modules from exploitation:", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010", "CSAFPID-0011", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", "CSAFPID-0027", "CSAFPID-0028", "CSAFPID-0029", "CSAFPID-0030", "CSAFPID-0031", "CSAFPID-0032", "CSAFPID-0033", "CSAFPID-0034", "CSAFPID-0035", "CSAFPID-0036", "CSAFPID-0037", "CSAFPID-0038", "CSAFPID-0039", "CSAFPID-0040", "CSAFPID-0041", "CSAFPID-0042", "CSAFPID-0043", "CSAFPID-0044", "CSAFPID-0045", "CSAFPID-0046", 
"CSAFPID-0047", "CSAFPID-0048", "CSAFPID-0049", "CSAFPID-0050", "CSAFPID-0051", "CSAFPID-0052", "CSAFPID-0053", "CSAFPID-0054", "CSAFPID-0055", "CSAFPID-0056", "CSAFPID-0057", "CSAFPID-0058" ] }, { "category": "mitigation", "details": "Update firmware. Update EN2 * ControlLogix communications modules to firmware revision 11.004 and update EN4 * ControlLogix communications modules to firmware revision 5.002.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010", "CSAFPID-0011", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", "CSAFPID-0027", "CSAFPID-0028", "CSAFPID-0029", "CSAFPID-0030", "CSAFPID-0031", "CSAFPID-0032", "CSAFPID-0033", "CSAFPID-0034", "CSAFPID-0035", "CSAFPID-0036", "CSAFPID-0037", "CSAFPID-0038", "CSAFPID-0039", "CSAFPID-0040", "CSAFPID-0041", "CSAFPID-0042", "CSAFPID-0043", "CSAFPID-0044", "CSAFPID-0045", "CSAFPID-0046", "CSAFPID-0047", "CSAFPID-0048", "CSAFPID-0049", "CSAFPID-0050", "CSAFPID-0051", "CSAFPID-0052", "CSAFPID-0053", "CSAFPID-0054", "CSAFPID-0055", "CSAFPID-0056", "CSAFPID-0057", "CSAFPID-0058" ] }, { "category": "mitigation", "details": "Properly segment networks. 
Given a cyber actor would require network connectivity to the communication module to exploit the vulnerability, organizations should ensure ICS/SCADA networks are properly segmented within the process structure as well as from the Internet and other non-essential networks.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010", "CSAFPID-0011", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", "CSAFPID-0027", "CSAFPID-0028", "CSAFPID-0029", "CSAFPID-0030", "CSAFPID-0031", "CSAFPID-0032", "CSAFPID-0033", "CSAFPID-0034", "CSAFPID-0035", "CSAFPID-0036", "CSAFPID-0037", "CSAFPID-0038", "CSAFPID-0039", "CSAFPID-0040", "CSAFPID-0041", "CSAFPID-0042", "CSAFPID-0043", "CSAFPID-0044", "CSAFPID-0045", "CSAFPID-0046", "CSAFPID-0047", "CSAFPID-0048", "CSAFPID-0049", "CSAFPID-0050", "CSAFPID-0051", "CSAFPID-0052", "CSAFPID-0053", "CSAFPID-0054", "CSAFPID-0055", "CSAFPID-0056", "CSAFPID-0057", "CSAFPID-0058" ] }, { "category": "mitigation", "details": "Implement detection signatures. 
Use appended Snort signatures to monitor and detect anomalous Common Industrial Protocol (CIP) packets to Rockwell Automation devices.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010", "CSAFPID-0011", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", "CSAFPID-0027", "CSAFPID-0028", "CSAFPID-0029", "CSAFPID-0030", "CSAFPID-0031", "CSAFPID-0032", "CSAFPID-0033", "CSAFPID-0034", "CSAFPID-0035", "CSAFPID-0036", "CSAFPID-0037", "CSAFPID-0038", "CSAFPID-0039", "CSAFPID-0040", "CSAFPID-0041", "CSAFPID-0042", "CSAFPID-0043", "CSAFPID-0044", "CSAFPID-0045", "CSAFPID-0046", "CSAFPID-0047", "CSAFPID-0048", "CSAFPID-0049", "CSAFPID-0050", "CSAFPID-0051", "CSAFPID-0052", "CSAFPID-0053", "CSAFPID-0054", "CSAFPID-0055", "CSAFPID-0056", "CSAFPID-0057", "CSAFPID-0058" ] }, { "category": "mitigation", "details": "For more information and to see Rockwell\u0027s detection rules, see Rockwell Automation\u0027s Security Advisory.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010", "CSAFPID-0011", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", "CSAFPID-0027", "CSAFPID-0028", "CSAFPID-0029", "CSAFPID-0030", "CSAFPID-0031", "CSAFPID-0032", "CSAFPID-0033", "CSAFPID-0034", "CSAFPID-0035", "CSAFPID-0036", "CSAFPID-0037", "CSAFPID-0038", "CSAFPID-0039", "CSAFPID-0040", "CSAFPID-0041", "CSAFPID-0042", "CSAFPID-0043", "CSAFPID-0044", "CSAFPID-0045", "CSAFPID-0046", 
"CSAFPID-0047", "CSAFPID-0048", "CSAFPID-0049", "CSAFPID-0050", "CSAFPID-0051", "CSAFPID-0052", "CSAFPID-0053", "CSAFPID-0054", "CSAFPID-0055", "CSAFPID-0056", "CSAFPID-0057", "CSAFPID-0058" ], "url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1140010" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0010", "CSAFPID-0011", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", "CSAFPID-0027", "CSAFPID-0028", "CSAFPID-0029", "CSAFPID-0030", "CSAFPID-0031", "CSAFPID-0032", "CSAFPID-0033", "CSAFPID-0034", "CSAFPID-0035", "CSAFPID-0036", "CSAFPID-0037", "CSAFPID-0038", "CSAFPID-0039", "CSAFPID-0040", "CSAFPID-0041", "CSAFPID-0042", "CSAFPID-0043", "CSAFPID-0044", "CSAFPID-0045", "CSAFPID-0046", "CSAFPID-0047", "CSAFPID-0048", "CSAFPID-0049", "CSAFPID-0050", "CSAFPID-0051", "CSAFPID-0052", "CSAFPID-0053", "CSAFPID-0054", "CSAFPID-0055", "CSAFPID-0056", "CSAFPID-0057", "CSAFPID-0058" ] } ] } ] }
ghsa-qvv4-3g8f-rgjx
Vulnerability from github
Where this vulnerability exists in the Rockwell Automation 1756 EN2 and 1756 EN3 ControlLogix communication products, it could allow a malicious user to perform remote code execution with persistence on the target system through maliciously crafted CIP messages. This includes the ability to modify, deny, and exfiltrate data passing through the device.
{ "affected": [], "aliases": [ "CVE-2023-3595" ], "database_specific": { "cwe_ids": [ "CWE-787" ], "github_reviewed": false, "github_reviewed_at": null, "nvd_published_at": "2023-07-12T13:15:09Z", "severity": "CRITICAL" }, "details": "\nWhere this vulnerability exists in the Rockwell Automation 1756 EN2* and 1756 EN3* ControlLogix communication products, it could allow a malicious user to perform remote code execution with persistence on the target system through maliciously crafted CIP messages. This includes the ability to modify, deny, and exfiltrate data passing through the device.\n\n", "id": "GHSA-qvv4-3g8f-rgjx", "modified": "2024-04-04T06:04:17Z", "published": "2023-07-12T15:30:52Z", "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-3595" }, { "type": "WEB", "url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1140010" } ], "schema_version": "1.4.0", "severity": [ { "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "type": "CVSS_V3" } ] }
var-202307-1163
Vulnerability from variot
Where this vulnerability exists in the Rockwell Automation 1756 EN2 and 1756 EN3 ControlLogix communication products, it could allow a malicious user to perform remote code execution with persistence on the target system through maliciously crafted CIP messages. This includes the ability to modify, deny, and exfiltrate data passing through the device. Multiple Rockwell Automation products, including 1756-en2f series a firmware, 1756-en2f series b firmware, and 1756-en2f series c firmware, contain an out-of-bounds write vulnerability. Information may be obtained or tampered with, and service operation may be interrupted (DoS). Rockwell Automation 1756 is a scalable controller solution from Rockwell Automation, USA. It can address a large number of I/O points.
Rockwell Automation 1756 EN2 and 1756 EN3 have a denial of service vulnerability. The vulnerability is caused by the failure to properly handle the input error message.
{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202307-1163", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "1756-en2t series b", "scope": "eq", "trust": 1.0, "vendor": "rockwellautomation", "version": null }, { "model": "1756-en2t series d", "scope": "eq", "trust": 1.0, "vendor": "rockwellautomation", "version": null }, { "model": "1756-en2t series a", "scope": "eq", "trust": 1.0, "vendor": "rockwellautomation", "version": null }, { 
"model": "1756-en2f series b", "scope": "eq", "trust": 1.0, "vendor": "rockwellautomation", "version": null }, { "model": "1756-en2tr series b", "scope": "eq", "trust": 1.0, "vendor": "rockwellautomation", "version": null }, { "model": "1756-en3tr series b", "scope": "eq", "trust": 1.0, "vendor": "rockwellautomation", "version": null }, { "model": "1756-en2tr series c", "scope": "eq", "trust": 1.0, "vendor": "rockwellautomation", "version": null }, { "model": "1756-en2f series a", "scope": "eq", "trust": 1.0, "vendor": "rockwellautomation", "version": null }, { "model": "1756-en3tr series a", "scope": "eq", "trust": 1.0, "vendor": "rockwellautomation", "version": null }, { "model": "1756-en2f series c", "scope": "eq", "trust": 1.0, "vendor": "rockwellautomation", "version": null }, { "model": "1756-en2t series c", "scope": "eq", "trust": 1.0, "vendor": "rockwellautomation", "version": null }, { "model": "1756-en2tr series a", "scope": "eq", "trust": 1.0, "vendor": "rockwellautomation", "version": null }, { "model": "1756-en2t series a", "scope": null, "trust": 0.8, "vendor": "rockwell automation", "version": null }, { "model": "1756-en2tr series a", "scope": null, "trust": 0.8, "vendor": "rockwell automation", "version": null }, { "model": "1756-en2f series a", "scope": null, "trust": 0.8, "vendor": "rockwell automation", "version": null }, { "model": "1756-en2tr series b", "scope": null, "trust": 0.8, "vendor": "rockwell automation", "version": null }, { "model": "1756-en2f series c", "scope": null, "trust": 0.8, "vendor": "rockwell automation", "version": null }, { "model": "1756-en2t series c", "scope": null, "trust": 0.8, "vendor": "rockwell automation", "version": null }, { "model": "1756-en2t series d", "scope": null, "trust": 0.8, "vendor": "rockwell automation", "version": null }, { "model": "1756-en2t series b", "scope": null, "trust": 0.8, "vendor": "rockwell automation", "version": null }, { "model": "1756-en2tr series c", "scope": null, "trust": 0.8, 
"vendor": "rockwell automation", "version": null }, { "model": "1756-en3tr series a", "scope": null, "trust": 0.8, "vendor": "rockwell automation", "version": null }, { "model": "1756-en2f series b", "scope": null, "trust": 0.8, "vendor": "rockwell automation", "version": null }, { "model": "1756-en3tr series b", "scope": null, "trust": 0.8, "vendor": "rockwell automation", "version": null }, { "model": "automation en2", "scope": "eq", "trust": 0.6, "vendor": "rockwell", "version": "1756" }, { "model": "automation en3", "scope": "eq", "trust": 0.6, "vendor": "rockwell", "version": "1756" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2024-16842" }, { "db": "JVNDB", "id": "JVNDB-2023-023079" }, { "db": "NVD", "id": "CVE-2023-3595" } ] }, "cve": "CVE-2023-3595", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 10.0, "id": "CNVD-2024-16842", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.6, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "nvd@nist.gov", "availabilityImpact": "HIGH", "baseScore": 9.8, 
"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "exploitabilityScore": 3.9, "id": "CVE-2023-3595", "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 2.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Network", "author": "NVD", "availabilityImpact": "High", "baseScore": 9.8, "baseSeverity": "Critical", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "CVE-2023-3595", "impactScore": null, "integrityImpact": "High", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } ], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2023-3595", "trust": 1.0, "value": "CRITICAL" }, { "author": "PSIRT@rockwellautomation.com", "id": "CVE-2023-3595", "trust": 1.0, "value": "CRITICAL" }, { "author": "NVD", "id": "CVE-2023-3595", "trust": 0.8, "value": "Critical" }, { "author": "CNVD", "id": "CNVD-2024-16842", "trust": 0.6, "value": "HIGH" } ] } ], "sources": [ { "db": "CNVD", "id": "CNVD-2024-16842" }, { "db": "JVNDB", "id": "JVNDB-2023-023079" }, { "db": "NVD", "id": "CVE-2023-3595" }, { "db": "NVD", "id": "CVE-2023-3595" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "\nWhere this vulnerability exists in the Rockwell Automation 1756 EN2* and 1756 EN3* ControlLogix communication products, it could allow a malicious user to perform remote code execution with persistence on the target system through maliciously crafted CIP messages. This includes the ability to modify, deny, and exfiltrate data passing through the device. 
1756-en2f series a firmware, 1756-en2f series b firmware, 1756-en2f series c firmware etc. Rockwell Automation The product contains a vulnerability related to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Rockwell Automation 1756 is a scalable controller solution from Rockwell Automation, USA. It can address a large number of I/O points. \n\nRockwell Automation 1756 EN2 and 1756 EN3 have a denial of service vulnerability. The vulnerability is caused by the failure to properly handle the input error message", "sources": [ { "db": "NVD", "id": "CVE-2023-3595" }, { "db": "JVNDB", "id": "JVNDB-2023-023079" }, { "db": "CNVD", "id": "CNVD-2024-16842" }, { "db": "VULMON", "id": "CVE-2023-3595" } ], "trust": 2.25 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2023-3595", "trust": 3.9 }, { "db": "ICS CERT", "id": "ICSA-23-193-01", "trust": 0.8 }, { "db": "JVN", "id": "JVNVU95608136", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2023-023079", "trust": 0.8 }, { "db": "CNVD", "id": "CNVD-2024-16842", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2023.3937", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-202307-1094", "trust": 0.6 }, { "db": "VULMON", "id": "CVE-2023-3595", "trust": 0.1 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2024-16842" }, { "db": "VULMON", "id": "CVE-2023-3595" }, { "db": "JVNDB", "id": "JVNDB-2023-023079" }, { "db": "CNNVD", "id": "CNNVD-202307-1094" }, { "db": "NVD", "id": "CVE-2023-3595" } ] }, "id": "VAR-202307-1163", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "CNVD", 
"id": "CNVD-2024-16842" } ], "trust": 1.01666666 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS" ], "sub_category": null, "trust": 0.6 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2024-16842" } ] }, "last_update_date": "2024-08-14T13:52:21.307000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Patch for Rockwell Automation 1756 EN2 and 1756 EN3 Denial of Service Vulnerability", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/539901" }, { "title": "Rockwell Automation 1756 EN2 and 1756 EN3 Security vulnerabilities", "trust": 0.6, "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=246124" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2024-16842" }, { "db": "CNNVD", "id": "CNNVD-202307-1094" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-787", "trust": 1.0 }, { "problemtype": "Out-of-bounds writing (CWE-787) [NVD evaluation ]", "trust": 0.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2023-023079" }, { "db": "NVD", "id": "CVE-2023-3595" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 1.7, "url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1140010" }, { "trust": 1.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2023-3595" }, { 
"trust": 0.8, "url": "https://jvn.jp/vu/jvnvu95608136/" }, { "trust": 0.8, "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-193-01" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2023.3937" }, { "trust": 0.6, "url": "https://cxsecurity.com/cveshow/cve-2023-3595/" }, { "trust": 0.1, "url": "https://nvd.nist.gov" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2024-16842" }, { "db": "VULMON", "id": "CVE-2023-3595" }, { "db": "JVNDB", "id": "JVNDB-2023-023079" }, { "db": "CNNVD", "id": "CNNVD-202307-1094" }, { "db": "NVD", "id": "CVE-2023-3595" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "CNVD", "id": "CNVD-2024-16842" }, { "db": "VULMON", "id": "CVE-2023-3595" }, { "db": "JVNDB", "id": "JVNDB-2023-023079" }, { "db": "CNNVD", "id": "CNNVD-202307-1094" }, { "db": "NVD", "id": "CVE-2023-3595" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2024-04-07T00:00:00", "db": "CNVD", "id": "CNVD-2024-16842" }, { "date": "2023-07-12T00:00:00", "db": "VULMON", "id": "CVE-2023-3595" }, { "date": "2024-01-25T00:00:00", "db": "JVNDB", "id": "JVNDB-2023-023079" }, { "date": "2023-07-12T00:00:00", "db": "CNNVD", "id": "CNNVD-202307-1094" }, { "date": "2023-07-12T13:15:09.880000", "db": "NVD", "id": "CVE-2023-3595" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2024-04-07T00:00:00", "db": "CNVD", "id": "CNVD-2024-16842" }, { "date": "2023-07-12T00:00:00", "db": "VULMON", "id": "CVE-2023-3595" }, { "date": "2024-01-25T06:31:00", "db": "JVNDB", "id": "JVNDB-2023-023079" }, { "date": "2023-07-14T00:00:00", "db": "CNNVD", "id": "CNNVD-202307-1094" }, { "date": "2023-07-25T19:55:53.177000", "db": "NVD", "id": "CVE-2023-3595" } 
] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-202307-1094" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "plural \u00a0Rockwell\u00a0Automation\u00a0 Out-of-bounds write vulnerabilities in the product", "sources": [ { "db": "JVNDB", "id": "JVNDB-2023-023079" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "other", "sources": [ { "db": "CNNVD", "id": "CNNVD-202307-1094" } ], "trust": 0.6 } }
gsd-2023-3595
Vulnerability from gsd
{ "GSD": { "alias": "CVE-2023-3595", "id": "GSD-2023-3595" }, "gsd": { "metadata": { "exploitCode": "unknown", "remediation": "unknown", "reportConfidence": "confirmed", "type": "vulnerability" }, "osvSchema": { "aliases": [ "CVE-2023-3595" ], "details": "\nWhere this vulnerability exists in the Rockwell Automation 1756 EN2* and 1756 EN3* ControlLogix communication products, it could allow a malicious user to perform remote code execution with persistence on the target system through maliciously crafted CIP messages. This includes the ability to modify, deny, and exfiltrate data passing through the device.\n\n", "id": "GSD-2023-3595", "modified": "2023-12-13T01:20:54.910184Z", "schema_version": "1.4.0" } }, "namespaces": { "cve.org": { "CVE_data_meta": { "ASSIGNER": "PSIRT@rockwellautomation.com", "ID": "CVE-2023-3595", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "1756-EN2T Series A, B, C", "version": { "version_data": [ { "version_affected": "=", "version_value": "\u003c=5.008 \u0026 5.028" } ] } }, { "product_name": "1756-EN2T Series D", "version": { "version_data": [ { "version_affected": "=", "version_value": "\u003c=11.003" } ] } }, { "product_name": "1756-EN2TK Series A, B, C", "version": { "version_data": [ { "version_affected": "=", "version_value": "\u003c=5.008 \u0026 5.028" } ] } }, { "product_name": "1756-EN2TXT Series A, B, C", "version": { "version_data": [ { "version_affected": "=", "version_value": "\u003c=5.008 \u0026 5.028" } ] } }, { "product_name": "1756-EN2TXT Series D", "version": { "version_data": [ { "version_affected": "=", "version_value": "\u003c=11.003" } ] } }, { "product_name": "1756-EN2TP Series A", "version": { "version_data": [ { "version_affected": "=", "version_value": "\u003c=11.003" } ] } }, { "product_name": "1756-EN2TPK Series A", "version": { "version_data": [ { "version_affected": "=", "version_value": "\u003c=11.003" } ] } }, { "product_name": "1756-EN2TR 
Series A, B", "version": { "version_data": [ { "version_affected": "=", "version_value": "\u003c=5.008 \u0026 5.028" } ] } }, { "product_name": "1756-EN2TR Series C", "version": { "version_data": [ { "version_affected": "=", "version_value": "\u003c=11.003" } ] } }, { "product_name": "1756-EN2TRK Series A, B", "version": { "version_data": [ { "version_affected": "=", "version_value": "\u003c=5.008 \u0026 5.028" } ] } }, { "product_name": "1756-EN2TRK Series C", "version": { "version_data": [ { "version_affected": "=", "version_value": "\u003c=11.003" } ] } }, { "product_name": "1756-EN2TRXT Series A, B", "version": { "version_data": [ { "version_affected": "=", "version_value": "\u003c=5.008 \u0026 5.028" } ] } }, { "product_name": "1756-EN2TRXT Series C", "version": { "version_data": [ { "version_affected": "=", "version_value": "\u003c=11.003" } ] } }, { "product_name": "1756-EN2F Series A, B", "version": { "version_data": [ { "version_affected": "=", "version_value": "\u003c=5.008 \u0026 5.028" } ] } }, { "product_name": "1756-EN2F Series C", "version": { "version_data": [ { "version_affected": "=", "version_value": "\u003c=11.003" } ] } }, { "product_name": "1756-EN2FK Series A, B", "version": { "version_data": [ { "version_affected": "=", "version_value": "\u003c=5.008 \u0026 5.028" } ] } }, { "product_name": "1756-EN2FK Series C", "version": { "version_data": [ { "version_affected": "=", "version_value": "\u003c=11.003" } ] } }, { "product_name": "1756-EN3TR Series A", "version": { "version_data": [ { "version_affected": "=", "version_value": "\u003c=5.008 \u0026 5.028" } ] } }, { "product_name": "1756-EN3TR Series B", "version": { "version_data": [ { "version_affected": "=", "version_value": "\u003c=11.003" } ] } }, { "product_name": "1756-EN3TRK Series A", "version": { "version_data": [ { "version_affected": "=", "version_value": "\u003c=5.008 \u0026 5.028" } ] } }, { "product_name": "1756-EN3TRK Series B", "version": { "version_data": [ { 
"version_affected": "=", "version_value": "\u003c=11.003" } ] } } ] }, "vendor_name": "Rockwell Automation" }, { "product": { "product_data": [ { "product_name": "1756-EN2TPXT Series A", "version": { "version_data": [ { "version_affected": "=", "version_value": "\u003c=11.003" } ] } } ] }, "vendor_name": "Rockwell Auotmation" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "\nWhere this vulnerability exists in the Rockwell Automation 1756 EN2* and 1756 EN3* ControlLogix communication products, it could allow a malicious user to perform remote code execution with persistence on the target system through maliciously crafted CIP messages. This includes the ability to modify, deny, and exfiltrate data passing through the device.\n\n" } ] }, "generator": { "engine": "Vulnogram 0.1.0-dev" }, "impact": { "cvss": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "cweId": "CWE-787", "lang": "eng", "value": "CWE-787 Out-of-bounds Write" } ] } ] }, "references": { "reference_data": [ { "name": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1140010", "refsource": "MISC", "url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1140010" } ] }, "solution": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\n\n\u003cul\u003e\u003cli\u003e\u003cstrong\u003eUpdate firmware.\u003c/strong\u003e\u0026nbsp;Update EN2* ControlLogix communications modules to mitigated firmware.\u003c/li\u003e\u003cli\u003e\u003cstrong\u003eProperly segment 
networks.\u003c/strong\u003e\u003cspan style=\"background-color: var(--wht);\"\u003e\u0026nbsp;Given a cyber actor would require network connectivity to the communication module to exploit the vulnerability, organizations should ensure ICS/SCADA networks are properly segmented within the process structure as well as from the Internet and other non-essential networks.\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cstrong\u003eImplement detection signatures.\u003c/strong\u003e\u003cspan style=\"background-color: var(--wht);\"\u003e\u0026nbsp;Use appended Snort signatures to monitor and detect anomalous Common Industrial Protocol (CIP) packets to Rockwell Automation devices.\u003c/span\u003e\u003c/li\u003e\u003c/ul\u003e\n\n" } ], "value": "\n * Update firmware.\u00a0Update EN2* ControlLogix communications modules to mitigated firmware.\n * Properly segment networks.\u00a0Given a cyber actor would require network connectivity to the communication module to exploit the vulnerability, organizations should ensure ICS/SCADA networks are properly segmented within the process structure as well as from the Internet and other non-essential networks.\n * Implement detection signatures.\u00a0Use appended Snort signatures to monitor and detect anomalous Common Industrial Protocol (CIP) packets to Rockwell Automation devices.\n\n\n\n\n" } ], "source": { "discovery": "UNKNOWN" } }, "nvd.nist.gov": { "configurations": { "CVE_data_version": "4.0", "nodes": [ { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:rockwellautomation:1756-en2f_series_a_firmware:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:rockwellautomation:1756-en2f_series_a:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": 
"cpe:2.3:o:rockwellautomation:1756-en2f_series_b_firmware:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:rockwellautomation:1756-en2f_series_b:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:rockwellautomation:1756-en2f_series_c_firmware:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:rockwellautomation:1756-en2f_series_c:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:rockwellautomation:1756-en2t_series_a_firmware:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:rockwellautomation:1756-en2t_series_a:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:rockwellautomation:1756-en2t_series_b_firmware:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:rockwellautomation:1756-en2t_series_b:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:rockwellautomation:1756-en2t_series_c_firmware:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:rockwellautomation:1756-en2t_series_c:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": 
"AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:rockwellautomation:1756-en2t_series_d_firmware:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:rockwellautomation:1756-en2t_series_d:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:rockwellautomation:1756-en2tr_series_a_firmware:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:rockwellautomation:1756-en2tr_series_a:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:rockwellautomation:1756-en2tr_series_b_firmware:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:rockwellautomation:1756-en2tr_series_b:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:rockwellautomation:1756-en2tr_series_c_firmware:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:rockwellautomation:1756-en2tr_series_c:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:rockwellautomation:1756-en3tr_series_a_firmware:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:rockwellautomation:1756-en3tr_series_a:-:*:*:*:*:*:*:*", "cpe_name": 
[], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:rockwellautomation:1756-en3tr_series_b_firmware:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:rockwellautomation:1756-en3tr_series_b:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" } ] }, "cve": { "CVE_data_meta": { "ASSIGNER": "PSIRT@rockwellautomation.com", "ID": "CVE-2023-3595" }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "en", "value": "\nWhere this vulnerability exists in the Rockwell Automation 1756 EN2* and 1756 EN3* ControlLogix communication products, it could allow a malicious user to perform remote code execution with persistence on the target system through maliciously crafted CIP messages. 
This includes the ability to modify, deny, and exfiltrate data passing through the device.\n\n" } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "en", "value": "CWE-787" } ] } ] }, "references": { "reference_data": [ { "name": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1140010", "refsource": "MISC", "tags": [ "Permissions Required", "Vendor Advisory" ], "url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1140010" } ] } }, "impact": { "baseMetricV3": { "cvssV3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9 } }, "lastModifiedDate": "2023-07-25T19:55Z", "publishedDate": "2023-07-12T13:15Z" } } }
Sightings
Author | Source | Type | Date |
---|---|---|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.