Short Name |
APP:CVE-2018-14821-BO |
---|---|
Severity |
Major |
Recommended |
Yes |
Recommended Action |
Drop |
Category |
APP |
Keywords |
Rockwell Automation RSLinx Classic CIP SendRRData CVE-2018-14821 Heap Buffer Overflow |
Release Date |
2019/02/25 |
Update Number |
3145 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects attempts to exploit a known vulnerability against Rockwell Automation RSLinx Classic. Successful exploitation could lead to buffer overflow or crash of the vulnerable application.
Rockwell Automation RSLinx Classic Versions 4.00.01 and prior. This vulnerability may allow a remote, unauthenticated threat actor to intentionally send a malformed CIP packet to Port 44818, causing the RSLinx Classic application to terminate. The user will need to manually restart the software to regain functionality.