Buffer overflow in Rockwell Automation 1768_compact_guardlogix_l4xs_controller

CVE-2016-9343

An issue was discovered in Rockwell Automation Logix5000 Programmable Automation Controller FRN 16.00 through 21.00 (excluding all firmware versions prior to FRN 16.00, which are not affected). By sending malformed common industrial protoc…

Vulnerability class: Buffer Overflow

EPSS: 0.105 (95.2nd percentile).

CVSS v3 metric

CVSS v3 base score 10.0 (Critical). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H.

Frequently asked questions

What is CVE-2016-9343?

CVE-2016-9343 is a critical-severity vulnerability in Rockwell Automation 1768_compact_guardlogix_l4xs_controller, classified under Out-of-bounds Write. CVSS score: 10.0/10. Published 2017-02-13.

How severe is CVE-2016-9343?

Critical severity. The CVSS v3 base score is 10.0 out of 10.