Rockwell Automation ControlLogix Communication Modules Vulnerable to Remote Code Execution
CVE-2023-3595

9.8CRITICAL

Key Information:

Vendor

Rockwell Automation
Status
1756-EN2T Series A, B, C
1756-EN2T Series D
1756-EN2TK Series A, B, C
1756-EN2TXT Series A, B, C
Vendor
CVE Published:
12 July 2023

Badges

πŸ’° RansomwareπŸ‘Ύ Exploit Exists🟣 EPSS 12%πŸ“° News Worthy

What is CVE-2023-3595?

A vulnerability exists in Rockwell Automation's ControlLogix communication products, specifically the 1756 EN2* and 1756 EN3* models. This flaw could be exploited by a malicious user to achieve remote code execution with persistence. Attackers can craft malicious CIP messages to manipulate, deny, or exfiltrate data traversing the affected device, thus compromising the integrity and confidentiality of the system.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

1756-EN2F Series A, B <=5.008 & 5.028

1756-EN2F Series C <=11.003

1756-EN2FK Series A, B <=5.008 & 5.028

News Articles

favicon imageThe Hacker News

Rockwell Automation ControlLogix Bugs Expose Industrial Systems to Remote Attacks

U.S. CISA warns of critical vulnerabilities in Rockwell Automation ControlLogix ENIP modules, allowing remote code execution and DoS attacks.

References

https://rockwellautomation.custhelp.com/app/answers/answe...

EPSS Score

12% chance of being exploited in the next 30 days.

CVSS V3.1

Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • πŸ“°

    First article discovered by The Hacker News

  • πŸ’°

    Used in Ransomware

  • πŸ‘Ύ

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

JSON
.