Buffer overflow in Rockwell Automation Rslinx Classic

CVE-2019-6553

A vulnerability was found in Rockwell Automation RSLinx Classic versions 4.10.00 and prior. An input validation issue in a .dll file of RSLinx Classic where the data in a Forward Open service request is passed to a fixed size buffer, allow…

Vulnerability class: Buffer Overflow

EPSS: 0.500 (98.8th percentile) — read the EPSS interpretation.

Affected products

Rockwell Automation Rslinx Classic — versions 4.10.00 and prior

Weakness classification (CWE)

CWE-121 — Stack-based Buffer Overflow

References

ics-cert.us-cert.gov/advisories/ICSA-19-064-01 (x_refsource_MISC)