{"dataType": "CVE_RECORD", "dataVersion": "5.0", "cveMetadata": {"cveId": "CVE-2023-2262", "assignerOrgId": "b73dd486-f505-4403-b634-40b078b177f0", "state": "PUBLISHED", "assignerShortName": "Rockwell", "dateReserved": "2023-04-24T21:35:54.200Z", "datePublished": "2023-09-20T15:20:23.700Z", "dateUpdated": "2023-09-20T15:47:00.968Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "1756-EN2T Series A, B, C", "vendor": "Rockwell Automation", "versions": [{"status": "affected", "version": "<=5.008 & 5.028"}]}, {"defaultStatus": "unaffected", "product": "1756-EN2T Series D", "vendor": "Rockwell Automation", "versions": [{"status": "affected", "version": "<=11.002"}]}, {"defaultStatus": "unaffected", "product": "1756-EN2TK Series A, B, C", "vendor": "Rockwell Automation", "versions": [{"status": "affected", "version": "<=5.008 & 5.028"}]}, {"defaultStatus": "unaffected", "product": "1756-EN2TXT Series A, B, C", "vendor": "Rockwell Automation", "versions": [{"status": "affected", "version": "<=5.008 & 5.028"}]}, {"defaultStatus": "unaffected", "product": "1756-EN2TXT Series D", "vendor": "Rockwell Automation", "versions": [{"status": "affected", "version": "<=11.002"}]}, {"defaultStatus": "unaffected", "product": "1756-EN2TP Series A", "vendor": "Rockwell Automation", "versions": [{"status": "affected", "version": "<=11.002"}]}, {"defaultStatus": "unaffected", "product": "1756-EN2TPK Series A", "vendor": "Rockwell Automation", "versions": [{"status": "affected", "version": "<=11.002"}]}, {"defaultStatus": "unaffected", "product": "1756-EN2TPXT Series A", "vendor": "Rockwell Auotmation", "versions": [{"status": "affected", "version": "<=11.002"}]}, {"defaultStatus": "unaffected", "product": "1756-EN2TR Series A, B", "vendor": "Rockwell Automation", "versions": [{"status": "affected", "version": "<=5.008 & 5.028"}]}, {"defaultStatus": "unaffected", "product": "1756-EN2TR Series C", "vendor": "Rockwell Automation", "versions": [{"status": "affected", "version": "<=11.002"}]}, {"defaultStatus": "unaffected", "product": "1756-EN2TRK Series A, B", "vendor": "Rockwell Automation", "versions": [{"status": "affected", "version": "<=5.008 & 5.028"}]}, {"defaultStatus": "unaffected", "product": "1756-EN2TRK Series C", "vendor": "Rockwell Automation", "versions": [{"status": "affected", "version": "<=11.002"}]}, {"defaultStatus": "unaffected", "product": "1756-EN2TRXT Series A, B", "vendor": "Rockwell Automation", "versions": [{"status": "affected", "version": "<=5.008 & 5.028"}]}, {"defaultStatus": "unaffected", "product": "1756-EN2TRXT Series C", "vendor": "Rockwell Automation", "versions": [{"status": "affected", "version": "<=11.002"}]}, {"defaultStatus": "unaffected", "product": "1756-EN2F Series A, B", "vendor": "Rockwell Automation", "versions": [{"status": "affected", "version": "<=5.008 & 5.028"}]}, {"defaultStatus": "unaffected", "product": "1756-EN2F Series C", "vendor": "Rockwell Automation", "versions": [{"status": "affected", "version": "<=11.002"}]}, {"defaultStatus": "unaffected", "product": "1756-EN2FK Series A, B", "vendor": "Rockwell Automation", "versions": [{"status": "affected", "version": "<=5.008 & 5.028"}]}, {"defaultStatus": "unaffected", "product": "1756-EN2FK Series C", "vendor": "Rockwell Automation", "versions": [{"status": "affected", "version": "<=11.002"}]}, {"defaultStatus": "unaffected", "product": "1756-EN3TR Series A", "vendor": "Rockwell Automation", "versions": [{"status": "affected", "version": "<=5.008 & 5.028"}]}, {"defaultStatus": "unaffected", "product": "1756-EN3TR Series B", "vendor": "Rockwell Automation", "versions": [{"status": "affected", "version": "<=11.003"}]}, {"defaultStatus": "unaffected", "product": "1756-EN3TRK Series A", "vendor": "Rockwell Automation", "versions": [{"status": "affected", "version": "<=5.008 & 5.028"}]}, {"defaultStatus": "unaffected", "product": "1756-EN3TRK Series B", "vendor": "Rockwell Automation", "versions": [{"status": "affected", "version": "<=11.002"}]}], "datePublic": "2023-09-12T12:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\n\n<span style=\"background-color: rgb(255, 255, 255);\">\n\n<span style=\"background-color: rgb(255, 255, 255);\">A buffer overflow vulnerability exists in the Rockwell Automation select 1756-EN* communication devices. If exploited, a threat actor could potentially leverage this vulnerability to perform a remote code execution. To exploit this vulnerability, a threat actor would have to send a maliciously crafted CIP request to device.</span>\n\n</span>\n\n"}], "value": "\n\n\nA buffer overflow vulnerability exists in the Rockwell Automation select 1756-EN* communication devices. If exploited, a threat actor could potentially leverage this vulnerability to perform a remote code execution. To exploit this vulnerability, a threat actor would have to send a maliciously crafted CIP request to device.\n\n\n\n"}], "impacts": [{"capecId": "CAPEC-100", "descriptions": [{"lang": "en", "value": "CAPEC-100 Overflow Buffers"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-121", "description": "CWE-121 Stack-based Buffer Overflow", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "b73dd486-f505-4403-b634-40b078b177f0", "shortName": "Rockwell", "dateUpdated": "2023-09-20T15:47:00.968Z"}, "references": [{"url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1140786"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<strong>Update firmware.</strong>&nbsp;Update EN2* ControlLogix communications modules to mitigated firmware.<br><ul><li>Restrict traffic to the SMTP port (25), if not needed.</li><li>Customers using the EN2/EN3 versions 10.x and higher can disable the email object, if not needed. Instructions can be found in the <a target=\"_blank\" rel=\"nofollow\" href=\"https://literature.rockwellautomation.com/idc/groups/literature/documents/um/enet-um006_-en-p.pdf\">EtherNet/IP Network Devices User Manual (rockwellautomation.com)</a><span style=\"background-color: var(--wht);\">, publication ENET-UM006.</span></li><li><a target=\"_blank\" rel=\"nofollow\" href=\"https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012\">QA43240 - Recommended Security Guidelines from Rockwell Automation</a></li></ul>\n\n"}], "value": "Update firmware.\u00a0Update EN2* ControlLogix communications modules to mitigated firmware.\n * Restrict traffic to the SMTP port (25), if not needed.\n * Customers using the EN2/EN3 versions 10.x and higher can disable the email object, if not needed. Instructions can be found in the EtherNet/IP Network Devices User Manual (rockwellautomation.com) https://literature.rockwellautomation.com/idc/groups/literature/documents/um/enet-um006_-en-p.pdf , publication ENET-UM006.\n * QA43240 - Recommended Security Guidelines from Rockwell Automation https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012 \n\n\n\n\n"}], "source": {"discovery": "UNKNOWN"}, "title": "Rockwell Automation Select Logix Communication Modules Vulnerable to Email Object Buffer Overflow", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:rockwellautomation:1756-en2t_series_a_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "C4DBA36D-99FB-4A94-9141-EBFF99D1E574", "versionEndIncluding": "5.028", "versionStartIncluding": "5.008", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:rockwellautomation:1756-en2t_series_a:-:*:*:*:*:*:*:*", "matchCriteriaId": "BBB6A3C1-6419-4CDB-B7F5-57F20DA43C5A", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:rockwellautomation:1756-en2t_series_b_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "32C3D42D-B4C8-411F-A18D-5390A9D73A7D", "versionEndIncluding": "5.028", "versionStartIncluding": "5.008", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:rockwellautomation:1756-en2t_series_b:-:*:*:*:*:*:*:*", "matchCriteriaId": "5E9D2541-B0DB-4925-ACD6-FCC2A028FA4A", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:rockwellautomation:1756-en2t_series_c_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "1E02DF41-BD77-4058-BC32-CF60E464A236", "versionEndIncluding": "5.028", "versionStartIncluding": "5.008", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:rockwellautomation:1756-en2t_series_c:-:*:*:*:*:*:*:*", "matchCriteriaId": "13581B79-89FF-42F0-93C1-CB77582E7303", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:rockwellautomation:1756-en2t_series_d_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "53C2B946-EE0C-4074-832E-3B6803EBBF50", "versionEndIncluding": "11.002", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:rockwellautomation:1756-en2t_series_d:-:*:*:*:*:*:*:*", "matchCriteriaId": "F71090C1-36AD-4A1B-92B5-CB391593DF4B", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:rockwellautomation:1756-en2tk_series_a_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "05DDAA44-9D89-4625-83CE-60E4342D49C5", "versionEndIncluding": "5.028", "versionStartIncluding": "5.008", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:rockwellautomation:1756-en2tk_series_a:-:*:*:*:*:*:*:*", "matchCriteriaId": "7D480985-3B35-4A8A-A34D-102D7158CC82", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:rockwellautomation:1756-en2tk_series_b_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "3751BAE8-EE9F-4BCB-B5D5-72F41A5F1F9A", "versionEndIncluding": "5.028", "versionStartIncluding": "5.008", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:rockwellautomation:1756-en2tk_series_b:-:*:*:*:*:*:*:*", "matchCriteriaId": "325A07AC-6968-4735-822B-41FD1825BB2F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:rockwellautomation:1756-en2tk_series_c_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "508777D7-8F16-4CE0-AAB6-CB27C4B8ED3F", "versionEndIncluding": "5.028", "versionStartIncluding": "5.008", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:rockwellautomation:1756-en2tk_series_c:-:*:*:*:*:*:*:*", "matchCriteriaId": "FEEC7331-AFCF-4636-BCA4-DA112B347EC1", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:rockwellautomation:1756-en2txt_series_a_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "B444F7C2-16D8-4DC9-8199-04924E1E7B92", "versionEndIncluding": "5.028", "versionStartIncluding": "5.008", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:rockwellautomation:1756-en2txt_series_a:-:*:*:*:*:*:*:*", "matchCriteriaId": "EC3AEB33-A244-450E-B17B-FAE7AF34961B", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:rockwellautomation:1756-en2txt_series_b_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "BEF0E489-BC63-41AB-BDC5-6BFAFD2494E8", "versionEndIncluding": "5.028", "versionStartIncluding": "5.008", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:rockwellautomation:1756-en2txt_series_b:-:*:*:*:*:*:*:*", "matchCriteriaId": "B9BC83C6-6158-4579-90BA-2BD28A7E1170", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:rockwellautomation:1756-en2txt_series_c_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "95118309-A0B0-467A-B347-26F9F79A0839", "versionEndIncluding": "5.028", "versionStartIncluding": "5.008", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:rockwellautomation:1756-en2txt_series_c:-:*:*:*:*:*:*:*", "matchCriteriaId": "9D40957C-6FC4-47DB-95D7-605402131B69", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:rockwellautomation:1756-en2txt_series_d_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "CE24707E-803D-473C-A106-F3ADBC1E9C5A", "versionEndIncluding": "11.002", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:rockwellautomation:1756-en2txt_series_d:-:*:*:*:*:*:*:*", "matchCriteriaId": "37026F7B-79F3-4979-A110-92F851DCA216", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:rockwellautomation:1756-en2tp_series_a_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "B8FE7C9F-A1F8-46F0-B20E-FD1552D900D1", "versionEndIncluding": "11.002", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:rockwellautomation:1756-en2tp_series_a:-:*:*:*:*:*:*:*", "matchCriteriaId": "BE460FB3-5810-46C2-B3AC-F858B472BF1F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:rockwellautomation:1756-en2tpk_series_a_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "C0302BF7-FBB1-49DC-A194-D137C4D8BBA9", "versionEndIncluding": "11.002", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:rockwellautomation:1756-en2tpk_series_a:-:*:*:*:*:*:*:*", "matchCriteriaId": "9BF8A626-59FF-4C66-9EE4-EB0D482B3820", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:rockwellautomation:1756-en2tr_series_a_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "FFB1559A-5FBE-4C4E-80F6-8C813A7976DE", "versionEndIncluding": "5.028", "versionStartIncluding": "5.008", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:rockwellautomation:1756-en2tr_series_a:-:*:*:*:*:*:*:*", "matchCriteriaId": "A4A8E21A-3826-497C-9F3D-6D9091AD7647", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:rockwellautomation:1756-en2tr_series_b_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "131008C1-59BF-4ADE-A1CE-C9058F9100AD", "versionEndIncluding": "5.028", "versionStartIncluding": "5.008", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:rockwellautomation:1756-en2tr_series_b:-:*:*:*:*:*:*:*", "matchCriteriaId": "8607CD0D-0EE7-41CF-8E00-C0F5C83646A8", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:rockwellautomation:1756-en2tr_series_c_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "4A67C49B-19D2-473B-B9AD-27AC74AE5C7F", "versionEndIncluding": "11.002", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:rockwellautomation:1756-en2tr_series_c:-:*:*:*:*:*:*:*", "matchCriteriaId": "D58BA41B-3859-4489-9C74-730C27B1EFF0", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:rockwellautomation:1756-en2trk_series_a_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "A80FC9CC-8B5C-418E-8FB3-B3C706293FA5", "versionEndIncluding": "5.028", "versionStartIncluding": "5.008", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:rockwellautomation:1756-en2trk_series_a:-:*:*:*:*:*:*:*", "matchCriteriaId": "B9F91938-5D18-4E16-AA0F-F4DF00687D00", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:rockwellautomation:1756-en2trk_series_b_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "26482AD1-303B-4307-995E-6D95DA4FDAC8", "versionEndIncluding": "5.028", "versionStartIncluding": "5.008", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:rockwellautomation:1756-en2trk_series_b:-:*:*:*:*:*:*:*", "matchCriteriaId": "73727644-A065-4B66-B61D-6C088D602FB4", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:rockwellautomation:1756-en2trk_series_c_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "2C2A0650-380A-46C5-BC68-E648DACB1868", "versionEndIncluding": "11.002", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:rockwellautomation:1756-en2trk_series_c:-:*:*:*:*:*:*:*", "matchCriteriaId": "25989A49-1E62-42CC-9D24-0F4D207B4E1F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:rockwellautomation:1756-en2trxt_series_a_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "2C7F5983-9E14-4324-88F3-30CAFB8A8EE7", "versionEndIncluding": "5.028", "versionStartIncluding": "5.008", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:rockwellautomation:1756-en2trxt_series_a:-:*:*:*:*:*:*:*", "matchCriteriaId": "3D063D86-05AF-4420-AB45-72B367166620", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:rockwellautomation:1756-en2trxt_series_b_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "16EA785E-9F3A-4E43-B7E1-94C4512F742A", "versionEndIncluding": "5.028", "versionStartIncluding": "5.008", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:rockwellautomation:1756-en2trxt_series_b:-:*:*:*:*:*:*:*", "matchCriteriaId": "80C03E47-C8C1-489F-8ADB-C6329DA30054", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:rockwellautomation:1756-en2trxt_series_c_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "AEF6A316-666D-43DE-8E73-50ADC25B336B", "versionEndIncluding": "11.002", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:rockwellautomation:1756-en2trxt_series_c:-:*:*:*:*:*:*:*", "matchCriteriaId": "75B1E8C2-F8CD-47BA-9707-68899F574AD3", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:rockwellautomation:1756-en2f_series_a_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "83A96B74-2AB7-4476-8709-F22882456E3F", "versionEndIncluding": "5.028", "versionStartIncluding": "5.008", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:rockwellautomation:1756-en2f_series_a:-:*:*:*:*:*:*:*", "matchCriteriaId": "97AC710F-97B3-47A1-86EC-3148A21F16B2", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:rockwellautomation:1756-en2f_series_b_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "83636475-1F9E-4ECE-89AE-0345CAA6F7C9", "versionEndIncluding": "5.028", "versionStartIncluding": "5.008", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:rockwellautomation:1756-en2f_series_b:-:*:*:*:*:*:*:*", "matchCriteriaId": "FA49358A-F76E-4DEC-994C-B988DE38BF7F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:rockwellautomation:1756-en2f_series_c_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "62832BDF-688B-4971-8B3C-3D0E0276CE42", "versionEndIncluding": "11.002", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:rockwellautomation:1756-en2f_series_c:-:*:*:*:*:*:*:*", "matchCriteriaId": "C6E5B08F-BD0C-4B3F-9897-61C945981CC6", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:rockwellautomation:1756-en2fk_series_a_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "289F93E6-788E-4621-94C1-5AD3DE56A77D", "versionEndIncluding": "5.028", "versionStartIncluding": "5.008", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:rockwellautomation:1756-en2fk_series_a:-:*:*:*:*:*:*:*", "matchCriteriaId": "53749A0B-6308-42F2-A778-9CA5BF21C37F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:rockwellautomation:1756-en2fk_series_b_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "233B8526-AD4B-4991-B5BE-3267867F593A", "versionEndIncluding": "5.028", "versionStartIncluding": "5.008", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:rockwellautomation:1756-en2fk_series_b:-:*:*:*:*:*:*:*", "matchCriteriaId": "017D3B94-CAA5-4C95-84EA-E838C67612BB", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:rockwellautomation:1756-en2fk_series_c_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "700D2CD0-9CF9-419E-8F9B-6430C7791EF3", "versionEndIncluding": "11.002", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:rockwellautomation:1756-en2fk_series_c:-:*:*:*:*:*:*:*", "matchCriteriaId": "99CAC24D-C56D-40A6-9359-404666B8BADB", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:rockwellautomation:1756-en3tr_series_a_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "427C6170-07F0-4FE9-B215-F0233CED1639", "versionEndIncluding": "5.028", "versionStartIncluding": "5.008", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:rockwellautomation:1756-en3tr_series_a:-:*:*:*:*:*:*:*", "matchCriteriaId": "4824C266-82B1-4B74-AF72-BFCEF0547023", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:rockwellautomation:1756-en3tr_series_b_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "60BA33FE-B54E-41EC-A76A-2303005165A3", "versionEndIncluding": "11.003", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:rockwellautomation:1756-en3tr_series_b:-:*:*:*:*:*:*:*", "matchCriteriaId": "14CF3A11-7130-420A-B99E-8FADA7C23484", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:rockwellautomation:1756-en3trk_series_a_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "4BE75A9F-343E-4620-B20E-04F27D94E522", "versionEndIncluding": "5.028", "versionStartIncluding": "5.008", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:rockwellautomation:1756-en3trk_series_a:-:*:*:*:*:*:*:*", "matchCriteriaId": "F0DD4F4F-B818-4A28-80DA-39C567776EA7", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:rockwellautomation:1756-en3trk_series_b_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "05E51589-EF0A-46E5-8DD9-4791BB562FD1", "versionEndIncluding": "11.002", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:rockwellautomation:1756-en3trk_series_b:-:*:*:*:*:*:*:*", "matchCriteriaId": "585547DE-D77F-43BC-BEE1-F17F1F2DD413", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:rockwellautomation:1756-en2tpxt_series_a_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "7311B9BB-46B5-4870-A6A0-1516B10F78B2", "versionEndIncluding": "11.002", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:rockwellautomation:1756-en2tpxt_series_a:-:*:*:*:*:*:*:*", "matchCriteriaId": "4E85798C-F5A5-4AF6-881A-27D5C66395E3", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "\n\n\nA buffer overflow vulnerability exists in the Rockwell Automation select 1756-EN* communication devices. If exploited, a threat actor could potentially leverage this vulnerability to perform a remote code execution. To exploit this vulnerability, a threat actor would have to send a maliciously crafted CIP request to device.\n\n\n\n"}, {"lang": "es", "value": "Existe una vulnerabilidad de Desbordamiento del B\u00fafer en determinados dispositivos de comunicaci\u00f3n 1756-EN* de Rockwell Automation. Si se explota, un actor de amenazas podr\u00eda aprovechar esta vulnerabilidad para realizar una ejecuci\u00f3n remota de c\u00f3digo. Para aprovechar esta vulnerabilidad, un actor de amenazas tendr\u00eda que enviar una solicitud CIP manipulada con fines maliciosos al dispositivo."}], "id": "CVE-2023-2262", "lastModified": "2023-09-22T18:01:44.480", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "PSIRT@rockwellautomation.com", "type": "Secondary"}]}, "published": "2023-09-20T16:15:12.257", "references": [{"source": "PSIRT@rockwellautomation.com", "tags": ["Permissions Required", "Vendor Advisory"], "url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1140786"}], "sourceIdentifier": "PSIRT@rockwellautomation.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-121"}], "source": "PSIRT@rockwellautomation.com", "type": "Secondary"}]}

{}