OpenCVE

Where this vulnerability exists in the Rockwell Automation 1756-EN4* Ethernet/IP communication products, it could allow a malicious user to cause a denial of service by asserting the target system through maliciously crafted CIP messages.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable yes

Technical Impact partial

Vendors	Products
Rockwellautomation	1756-en4tr 1756-en4tr Firmware 1756-en4trk 1756-en4trk Firmware 1756-en4trxt 1756-en4trxt Firmware

Configuration 1 [-]

AND

cpe:2.3:o:rockwellautomation:1756-en4tr_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:rockwellautomation:1756-en4tr:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:rockwellautomation:1756-en4trk_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:rockwellautomation:1756-en4trk:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:rockwellautomation:1756-en4trxt_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:rockwellautomation:1756-en4trxt:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1140010

History

Thu, 07 Nov 2024 17:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: Rockwell

Published: 2023-07-12T12:51:19.498Z

Updated: 2024-11-07T16:59:33.267Z

Reserved: 2023-07-10T15:34:53.790Z

Link: CVE-2023-3596

Vulnrichment

Updated: 2024-08-02T07:01:56.685Z

NVD

Status : Modified

Published: 2023-07-12T13:15:09.947

Modified: 2024-11-21T08:17:37.873

Link: CVE-2023-3596

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-3596", "assignerOrgId": "b73dd486-f505-4403-b634-40b078b177f0", "state": "PUBLISHED", "assignerShortName": "Rockwell", "dateReserved": "2023-07-10T15:34:53.790Z", "datePublished": "2023-07-12T12:51:19.498Z", "dateUpdated": "2024-11-07T16:59:33.267Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "1756-EN4TR Series A", "vendor": "Rockwell Automation", "versions": [{"status": "affected", "version": "<=5.001"}]}, {"defaultStatus": "unaffected", "product": "1756-EN4TRK Series A", "vendor": "Rockwell Automation", "versions": [{"status": "affected", "version": "<=5.001"}]}, {"defaultStatus": "unaffected", "product": "1756-EN4TRXT Series A\t", "vendor": "Rockwell Automation", "versions": [{"status": "affected", "version": "<=5.001"}]}], "datePublic": "2023-07-12T12:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\n\n<span style=\"background-color: rgb(255, 255, 255);\">Where this vulnerability exists in the Rockwell Automation 1756-EN4* Ethernet/IP communication products, it could allow a malicious user to cause a denial of service by asserting the target system through maliciously crafted CIP messages.</span>\n\n"}], "value": "\nWhere this vulnerability exists in the Rockwell Automation 1756-EN4* Ethernet/IP communication products, it could allow a malicious user to cause a denial of service by asserting the target system through maliciously crafted CIP messages.\n\n"}], "impacts": [{"capecId": "CAPEC-100", "descriptions": [{"lang": "en", "value": "CAPEC-100 Overflow Buffers"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-787", "description": "CWE-787 Out-of-bounds Write", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "b73dd486-f505-4403-b634-40b078b177f0", "shortName": "Rockwell", "dateUpdated": "2023-07-12T13:16:21.672Z"}, "references": [{"url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1140010"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\n\n<ul><li><strong>Update firmware. </strong>Update EN4* ControlLogix communications modules to firmware revision 5.002. </li><li><strong>Properly segment networks.</strong> Given a cyber actor would require network connectivity to the communication module to exploit the vulnerability, organizations should ensure ICS/SCADA networks are properly segmented within the process structure as well as from the Internet and other non-essential networks. </li><li><strong>Implement detection signatures.</strong> Use appended Snort signatures to monitor and detect anomalous Common Industrial Protocol (CIP) packets to Rockwell Automation devices. </li></ul>\n\n<br>"}], "value": "\n * Update firmware. Update EN4* ControlLogix communications modules to firmware revision 5.002.\u00a0\n * Properly segment networks.\u00a0Given a cyber actor would require network connectivity to the communication module to exploit the vulnerability, organizations should ensure ICS/SCADA networks are properly segmented within the process structure as well as from the Internet and other non-essential networks. \n * Implement detection signatures.\u00a0Use appended Snort signatures to monitor and detect anomalous Common Industrial Protocol (CIP) packets to Rockwell Automation devices. \n\n\n\n\n\n"}], "source": {"discovery": "UNKNOWN"}, "title": "Rockwell Automation Allen-Bradley ControlLogix Communication Modules vulnerable to Denial of Service ", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T07:01:56.685Z"}, "title": "CVE Program Container", "references": [{"url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1140010", "tags": ["x_transferred"]}]}, {"affected": [{"vendor": "rockwellautomation", "product": "1756-en4tr", "cpes": ["cpe:2.3:h:rockwellautomation:1756-en4tr:-:*:*:*:*:*:*:*"], "defaultStatus": "unaffected", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "5.001", "versionType": "custom"}]}, {"vendor": "rockwellautomation", "product": "1756-en4trk", "cpes": ["cpe:2.3:h:rockwellautomation:1756-en4trk:-:*:*:*:*:*:*:*"], "defaultStatus": "unaffected", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "5.001", "versionType": "custom"}]}, {"vendor": "rockwellautomation", "product": "1756-en4trxt", "cpes": ["cpe:2.3:h:rockwellautomation:1756-en4trxt:-:*:*:*:*:*:*:*"], "defaultStatus": "unaffected", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "5.001", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-11-07T16:56:23.761081Z", "id": "CVE-2023-3596", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-11-07T16:59:33.267Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1140010", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T07:01:56.685Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-3596", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-11-07T16:56:23.761081Z"}}}], "affected": [{"cpes": ["cpe:2.3:h:rockwellautomation:1756-en4tr:-:*:*:*:*:*:*:*"], "vendor": "rockwellautomation", "product": "1756-en4tr", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "5.001"}], "defaultStatus": "unaffected"}, {"cpes": ["cpe:2.3:h:rockwellautomation:1756-en4trk:-:*:*:*:*:*:*:*"], "vendor": "rockwellautomation", "product": "1756-en4trk", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "5.001"}], "defaultStatus": "unaffected"}, {"cpes": ["cpe:2.3:h:rockwellautomation:1756-en4trxt:-:*:*:*:*:*:*:*"], "vendor": "rockwellautomation", "product": "1756-en4trxt", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "5.001"}], "defaultStatus": "unaffected"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-11-07T16:59:20.757Z"}}], "cna": {"title": "Rockwell Automation Allen-Bradley ControlLogix Communication Modules vulnerable to Denial of Service ", "source": {"discovery": "UNKNOWN"}, "impacts": [{"capecId": "CAPEC-100", "descriptions": [{"lang": "en", "value": "CAPEC-100 Overflow Buffers"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Rockwell Automation", "product": "1756-EN4TR Series A", "versions": [{"status": "affected", "version": "<=5.001"}], "defaultStatus": "unaffected"}, {"vendor": "Rockwell Automation", "product": "1756-EN4TRK Series A", "versions": [{"status": "affected", "version": "<=5.001"}], "defaultStatus": "unaffected"}, {"vendor": "Rockwell Automation", "product": "1756-EN4TRXT Series A\t", "versions": [{"status": "affected", "version": "<=5.001"}], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "\n * Update firmware. Update EN4* ControlLogix communications modules to firmware revision 5.002.\u00a0\n * Properly segment networks.\u00a0Given a cyber actor would require network connectivity to the communication module to exploit the vulnerability, organizations should ensure ICS/SCADA networks are properly segmented within the process structure as well as from the Internet and other non-essential networks. \n * Implement detection signatures.\u00a0Use appended Snort signatures to monitor and detect anomalous Common Industrial Protocol (CIP) packets to Rockwell Automation devices. \n\n\n\n\n\n", "supportingMedia": [{"type": "text/html", "value": "\n\n<ul><li><strong>Update firmware. </strong>Update EN4* ControlLogix communications modules to firmware revision 5.002. </li><li><strong>Properly segment networks.</strong> Given a cyber actor would require network connectivity to the communication module to exploit the vulnerability, organizations should ensure ICS/SCADA networks are properly segmented within the process structure as well as from the Internet and other non-essential networks. </li><li><strong>Implement detection signatures.</strong> Use appended Snort signatures to monitor and detect anomalous Common Industrial Protocol (CIP) packets to Rockwell Automation devices. </li></ul>\n\n<br>", "base64": false}]}], "datePublic": "2023-07-12T12:00:00.000Z", "references": [{"url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1140010"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "\nWhere this vulnerability exists in the Rockwell Automation 1756-EN4* Ethernet/IP communication products, it could allow a malicious user to cause a denial of service by asserting the target system through maliciously crafted CIP messages.\n\n", "supportingMedia": [{"type": "text/html", "value": "\n\n<span style=\"background-color: rgb(255, 255, 255);\">Where this vulnerability exists in the Rockwell Automation 1756-EN4* Ethernet/IP communication products, it could allow a malicious user to cause a denial of service by asserting the target system through maliciously crafted CIP messages.</span>\n\n", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-787", "description": "CWE-787 Out-of-bounds Write"}]}], "providerMetadata": {"orgId": "b73dd486-f505-4403-b634-40b078b177f0", "shortName": "Rockwell", "dateUpdated": "2023-07-12T13:16:21.672Z"}}}, "cveMetadata": {"cveId": "CVE-2023-3596", "state": "PUBLISHED", "dateUpdated": "2024-11-07T16:59:33.267Z", "dateReserved": "2023-07-10T15:34:53.790Z", "assignerOrgId": "b73dd486-f505-4403-b634-40b078b177f0", "datePublished": "2023-07-12T12:51:19.498Z", "assignerShortName": "Rockwell"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:rockwellautomation:1756-en4tr_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "DB4EB5E2-9FB4-419E-B23A-458436E61121", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:rockwellautomation:1756-en4tr:-:*:*:*:*:*:*:*", "matchCriteriaId": "898EE953-E0EF-4B52-8EA0-41AAD8B5CCF3", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:rockwellautomation:1756-en4trk_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "AEF09D94-1AE1-4449-8ECA-0A5B1F5019C9", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:rockwellautomation:1756-en4trk:-:*:*:*:*:*:*:*", "matchCriteriaId": "4BE4EFEA-79D9-4903-8272-49756A014BD4", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:rockwellautomation:1756-en4trxt_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "12EE978F-DECE-4572-93AE-026D3EDC5878", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:rockwellautomation:1756-en4trxt:-:*:*:*:*:*:*:*", "matchCriteriaId": "E45471FA-99BF-4F57-BFC8-224BB9576670", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "\nWhere this vulnerability exists in the Rockwell Automation 1756-EN4* Ethernet/IP communication products, it could allow a malicious user to cause a denial of service by asserting the target system through maliciously crafted CIP messages.\n\n"}], "id": "CVE-2023-3596", "lastModified": "2024-11-21T08:17:37.873", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "PSIRT@rockwellautomation.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-07-12T13:15:09.947", "references": [{"source": "PSIRT@rockwellautomation.com", "tags": ["Permissions Required", "Vendor Advisory"], "url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1140010"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Permissions Required", "Vendor Advisory"], "url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1140010"}], "sourceIdentifier": "PSIRT@rockwellautomation.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "PSIRT@rockwellautomation.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-787"}], "source": "nvd@nist.gov", "type": "Primary"}]}