Remote Code Execution and Denial of Service Vulnerability in Rockwell Automation RSLinx Classic Versions 4.00.01 and prior

Remote Code Execution and Denial of Service Vulnerability in Rockwell Automation RSLinx Classic Versions 4.00.01 and prior

CVE-2018-14829 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Rockwell Automation RSLinx Classic Versions 4.00.01 and prior. This vulnerability may allow a remote threat actor to intentionally send a malformed CIP packet to Port 44818, causing the software application to stop responding and crash. This vulnerability also has the potential to exploit a buffer overflow condition, which may allow the threat actor to remotely execute arbitrary code.

Learn more about our Web Application Penetration Testing UK.