Vulnerability Description
Stack-based buffer overflow on Rockwell Automation Allen-Bradley MicroLogix 1100 devices A through 15.000 and B before 15.002 allows remote attackers to execute arbitrary code via a crafted web request.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Rockwellautomation | Ab Micrologix Controller | 1100 |
| Rockwellautomation | 1763-L16Awa Series A | 15.000 |
| Rockwellautomation | 1763-L16Awa Series B | 15.000 |
| Rockwellautomation | 1763-L16Bbb Series A | 15.000 |
| Rockwellautomation | 1763-L16Bbb Series B | 15.000 |
| Rockwellautomation | 1763-L16Bwa Series A | 15.000 |
| Rockwellautomation | 1763-L16Bwa Series B | 15.000 |
| Rockwellautomation | 1763-L16Dwd Series A | 15.000 |
| Rockwellautomation | 1763-L16Dwd Series B | 15.000 |
Related Weaknesses (CWE)
References
- http://www.securitytracker.com/id/1034861Third Party AdvisoryVDB Entry
- https://ics-cert.us-cert.gov/advisories/ICSA-16-026-02Third Party AdvisoryUS Government Resource
- http://www.securitytracker.com/id/1034861Third Party AdvisoryVDB Entry
- https://ics-cert.us-cert.gov/advisories/ICSA-16-026-02Third Party AdvisoryUS Government Resource
FAQ
What is CVE-2016-0868?
CVE-2016-0868 is a vulnerability with a CVSS score of 9.8 (CRITICAL). Stack-based buffer overflow on Rockwell Automation Allen-Bradley MicroLogix 1100 devices A through 15.000 and B before 15.002 allows remote attackers to execute arbitrary code via a crafted web reques...
How severe is CVE-2016-0868?
CVE-2016-0868 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2016-0868?
Check the references section above for vendor advisories and patch information. Affected products include: Rockwellautomation Ab Micrologix Controller, Rockwellautomation 1763-L16Awa Series A, Rockwellautomation 1763-L16Awa Series B, Rockwellautomation 1763-L16Bbb Series A, Rockwellautomation 1763-L16Bbb Series B.