CVE-2016-5814

Опубликовано: 19 сент. 2016

Источник: nvd

CVSS3: 8.6

CVSS2: 9.3

EPSS Низкий

Описание

Buffer overflow in Rockwell Automation RSLogix Micro Starter Lite, RSLogix Micro Developer, RSLogix 500 Starter Edition, RSLogix 500 Standard Edition, and RSLogix 500 Professional Edition allows remote attackers to execute arbitrary code via a crafted RSS project file.

Ссылки

http://www.securityfocus.com/bid/92983
https://ics-cert.us-cert.gov/advisories/ICSA-16-224-02
Mitigation
Patch
Third Party Advisory
US Government Resource
http://www.securityfocus.com/bid/92983
https://ics-cert.us-cert.gov/advisories/ICSA-16-224-02
Mitigation
Patch
Third Party Advisory
US Government Resource

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:rockwellautomation:rslogix_500_professional_edition:-:*:*:*:*:*:*:*

cpe:2.3:a:rockwellautomation:rslogix_500_standard_edition:-:*:*:*:*:*:*:*

cpe:2.3:a:rockwellautomation:rslogix_500_starter_edition:-:*:*:*:*:*:*:*

cpe:2.3:a:rockwellautomation:rslogix_micro_developer:-:*:*:*:*:*:*:*

cpe:2.3:a:rockwellautomation:rslogix_micro_starter_lite:-:*:*:*:*:*:*:*

EPSS

Процентиль: 69%

0.00618

Низкий

8.6 High

CVSS3

9.3 Critical

CVSS2

Дефекты

CWE-119

Связанные уязвимости

GHSA-mpgm-6qc4-8g6x