Stack-based Buffer Overflow in Rockwell Automation Logix5000 Programmable Automation Controller

Stack-based Buffer Overflow in Rockwell Automation Logix5000 Programmable Automation Controller

CVE-2016-9343 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

An issue was discovered in Rockwell Automation Logix5000 Programmable Automation Controller FRN 16.00 through 21.00 (excluding all firmware versions prior to FRN 16.00, which are not affected). By sending malformed common industrial protocol (CIP) packet, an attacker may be able to overflow a stack-based buffer and execute code on the controller or initiate a nonrecoverable fault resulting in a denial of service.

Learn more about our Industrial Pen Testing.