CyberSec.Space Logo
Back to CVE Browser

CVE-2019-6553

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.0460%
EPSS Percentile32.42th
PublishedApr 4, 2019
Last ModifiedNov 21, 2024

Vulnerability Description

A vulnerability was found in Rockwell Automation RSLinx Classic versions 4.10.00 and prior. An input validation issue in a .dll file of RSLinx Classic where the data in a Forward Open service request is passed to a fixed size buffer, allowing an attacker to exploit a stack-based buffer overflow condition.

Affected Platforms (CPE)

📦
Rockwellautomation

Rslinx

<= 4.10.00

References & Advisories

🔗 https://ics-cert.us-cert.gov/advisories/ICSA-19-064-01
🔗 https://ics-cert.us-cert.gov/advisories/ICSA-19-064-01

Related Vulnerabilities

CVE-2012-471510.0

Buffer overflow in LogReceiver.exe in Rockwell Automation RSLinx Enterprise CPR9, CPR9-SR1, CPR9-SR2, CPR9-SR3, CPR9-SR4, CPR9-SR5...

CVE-2018-148299.8

Rockwell Automation RSLinx Classic Versions 4.00.01 and prior. This vulnerability may allow a remote threat actor to intentionally...

CVE-2020-120019.8

FactoryTalk Linx versions 6.00, 6.10, and 6.11, RSLinx Classic v4.11.00 and prior,Connected Components Workbench: Version 12 and p...

CVE-2011-25309.3

Buffer overflow in RSEds.dll in RSHWare.exe in the EDS Hardware Installation Tool 1.0.5.1 and earlier in Rockwell Automation RSLin...