February 17, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Rewterz Threat Advisory – ICS: Delta Electronics DIAScreen Vulnerability
September 22, 2023Rewterz Threat Alert – North Korea Linked Konni APT Group – Active IOCs
September 22, 2023Rewterz Threat Advisory – ICS: Delta Electronics DIAScreen Vulnerability
September 22, 2023Rewterz Threat Alert – North Korea Linked Konni APT Group – Active IOCs
September 22, 2023
Severity
High
Analysis Summary
CVE-2023-2262
Rockwell Automation Select Logix Communication Modules are vulnerable to a stack-based buffer overflow, caused by improper bounds checking. By sending a maliciously crafted CIP request, a remote attacker could overflow a buffer and execute arbitrary code on the system.
Impact
- Buffer Overflow
Indicators Of Compromise
CVE
- CVE-2023-2262
Affected Vendors
Rockwell Automation
Affected Products
- Rockwell Automation 1756 ControlLogix EtherNet/IP Communications Modules 1756-EN2T Series A
- Rockwell Automation 1756 ControlLogix EtherNet/IP Communications Modules 1756-EN2T Series B
- Rockwell Automation 1756 ControlLogix EtherNet/IP Communications Modules 1756-EN2T Series C
- Rockwell Automation 1756 ControlLogix EtherNet/IP Communications Modules 1756-EN2T Series D 10.10
- Rockwell Automation 1756 ControlLogix EtherNet/IP Communications Modules 1756-EN2TR Series A
- Rockwell Automation 1756 ControlLogix EtherNet/IP Communications Modules 1756-EN2TR Series B
- Rockwell Automation 1756 ControlLogix EtherNet/IP Communications Modules 1756-EN2TR Series C 10.10
- Rockwell Automation 1756 ControlLogix EtherNet/IP Communications Modules 1756-EN3TR Series A
- Rockwell Automation 1756 ControlLogix EtherNet/IP Communications Modules 1756-EN3TR Series B 10.10
Remediation
Refer to Rockwell Automation Web site for patch, upgrade or suggested workaround information.