CVE-2016-9343 — CRITICAL (10.0)

Vulnerability Description

An issue was discovered in Rockwell Automation Logix5000 Programmable Automation Controller FRN 16.00 through 21.00 (excluding all firmware versions prior to FRN 16.00, which are not affected). By sending malformed common industrial protocol (CIP) packet, an attacker may be able to overflow a stack-based buffer and execute code on the controller or initiate a nonrecoverable fault resulting in a denial of service.

CVSS Score

10.0

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Rockwellautomation	Softlogix 5800 Controller Firmware	18.00
Rockwellautomation	Softlogix 5800 Controller	-
Rockwellautomation	Rslogix Emulate 5000 Firmware	18.00
Rockwellautomation	Rslogix Emulate 5000	-
Rockwellautomation	Guardlogix 5570 Controller Firmware	16.00
Rockwellautomation	Guardlogix 5570 Controller	-
Rockwellautomation	Flexlogix L34 Controller Firmware	16.00
Rockwellautomation	Flexlogix L34 Controller	-
Rockwellautomation	Controllogix L55 Controller Firmware	16.00
Rockwellautomation	Controllogix L55 Controller	-
Rockwellautomation	Controllogix 5570 Redundant Controller Firmware	20.00
Rockwellautomation	Controllogix 5570 Redundant Controller	-
Rockwellautomation	Controllogix 5570 Controller Firmware	18.00
Rockwellautomation	Controllogix 5570 Controller	-
Rockwellautomation	Controllogix 5560 Redundant Controller Firmware	16.00
Rockwellautomation	Controllogix 5560 Redundant Controller	-
Rockwellautomation	Controllogix 5560 Controller Firmware	16.00
Rockwellautomation	Controllogix 5560 Controller	-
Rockwellautomation	1769 Compactlogix L3X Controller Firmware	16.00
Rockwellautomation	1769 Compactlogix L3X Controller	-

Related Weaknesses (CWE)

CWE-787

References

http://www.securityfocus.com/bid/95304Third Party AdvisoryVDB Entry
https://ics-cert.us-cert.gov/advisories/ICSA-16-343-05Third Party AdvisoryUS Government Resource
http://www.securityfocus.com/bid/95304Third Party AdvisoryVDB Entry
https://ics-cert.us-cert.gov/advisories/ICSA-16-343-05Third Party AdvisoryUS Government Resource

FAQ

What is CVE-2016-9343?

CVE-2016-9343 is a vulnerability with a CVSS score of 10.0 (CRITICAL). An issue was discovered in Rockwell Automation Logix5000 Programmable Automation Controller FRN 16.00 through 21.00 (excluding all firmware versions prior to FRN 16.00, which are not affected). By sen...

How severe is CVE-2016-9343?

CVE-2016-9343 has been rated CRITICAL with a CVSS base score of 10.0/10. This is considered a critical vulnerability requiring immediate attention.

Is there a patch for CVE-2016-9343?

Check the references section above for vendor advisories and patch information. Affected products include: Rockwellautomation Softlogix 5800 Controller Firmware, Rockwellautomation Softlogix 5800 Controller, Rockwellautomation Rslogix Emulate 5000 Firmware, Rockwellautomation Rslogix Emulate 5000, Rockwellautomation Guardlogix 5570 Controller Firmware.