Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An exploitable denial of service vulnerability exists in the ENIP Request Path Data Segment functionality of Allen-Bradley Flex IO 1794-AENT/B. A specially crafted network request can cause a loss of communications with the device resulting in denial-of-service. An attacker can send a malicious packet to trigger this vulnerability.If the Simple Segment Sub-Type is supplied, the device treats the byte following as the Data Size in words. When this value represents a size greater than what remains in the packet data, the device enters a fault state where communication with the device is lost and a physical power cycle is required.
CVSS Information
N/A
Vulnerability Type
未进行输入大小检查的缓冲区拷贝(传统缓冲区溢出)
Vulnerability Title
Allen-Bradley Flex IO 安全漏洞
Vulnerability Description
Allen-Bradley Flex IO是美国艾伦-布拉德利(Allen-Bradley)的一个工业自动化控制系统中的远程IO套件。 Allen-Bradley Flex IO 1794-AENT/B存在安全漏洞,该漏洞源于ENIP请求路径数据段功能中存在一个可利用的拒绝服务漏洞。 攻击者可利用该漏洞导致与设备的通信中断,从而导致拒绝服务。
CVSS Information
N/A
Vulnerability Type
N/A