Rockwell Automation ControlLogix PLC Improper Access Control

When an affected product receives a valid CIP message from an unauthorized or unintended source to Port 2222/TCP, Port 2222/UDP, Port 44818/TCP, or Port 44818/UDP that changes the product’s configuration and network parameters, a DoS condition can occur. This situation could cause loss of availability and a disruption of communication with other connected devices.  Rockwell Automation EtherNet/IP products; 1756-ENBT, 1756-EWEB, 1768-ENBT, and 1768-EWEB communication modules; CompactLogix L32E and L35E controllers; 1788-ENBT FLEXLogix adapter; 1794-AENTR FLEX I/O EtherNet/IP adapter; ControlLogix 18 and earlier; CompactLogix 18 and earlier; GuardLogix 18 and earlier; SoftLogix 18 and earlier; CompactLogix controllers 19 and earlier; SoftLogix controllers 19 and earlier; ControlLogix controllers 20 and earlier; GuardLogix controllers 20 and earlier; and MicroLogix 1100 and 1400

N/A

访问控制不恰当

Rockwell Automation ControlLogix 远程拒绝服务漏洞

Rockwell Automation ControlLogix提供工业自动化控制和信息产品。 Rockwell Automation ControlLogix在处理某些来自未授权或意外源的有效CIP报文时存在安全漏洞，当向端口2222/TCP，Port 2222/UDP，Port 44818/TCP，Port 44818/UDP发送特制的CIP报文，更改产品配置和网络参数时，此漏洞可造成CPU拒绝服务。

N/A

N/A