Описание
Industrial Control Systems Network Protocol Parsers (ICSNPP) - Ethercat Zeek Plugin versions d78dda6 and prior are vulnerable to out-of-bounds write in their primary analyses function for Ethercat communication packets. This could allow an attacker to cause arbitrary code execution.
Ссылки
- US Government ResourceVendor Advisory
- US Government ResourceVendor Advisory
Уязвимые конфигурации
EPSS
9.8 Critical
CVSS3
Дефекты
Связанные уязвимости
Industrial Control Systems Network Protocol Parsers (ICSNPP) - Ethercat Zeek Plugin versions d78dda6 and prior are vulnerable to out-of-bounds write in their primary analyses function for Ethercat communication packets. This could allow an attacker to cause arbitrary code execution.
Уязвимость анализатора сетевых протоколов промышленных систем управления (Zeek plugin) ICSNPP-Ethercat, связанная с записью за границами буфера в памяти, позволяющая нарушителю выполнить произвольный код
EPSS
9.8 Critical
CVSS3