CVE-2019-10954
Published 2019-05-01
Priority P342 · high · 7.5 · CVSS 3.1
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS: 6.10% (92.5th percentile)
An attacker could send crafted SMTP packets to cause a denial-of-service condition where the controller enters a major non-recoverable faulted state (MNRF) in CompactLogix 5370 L1, L2, and L3 Controllers, Compact GuardLogix 5370 controllers, and Armor Compact GuardLogix 5370 Controllers Versions 20 - 30 and earlier.
Affected
10 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| rockwell_automation | armor_compact_guardlogix_5370_controllers | < 20 - 30 | 20 - 30 |
| rockwell_automation | compact_guardlogix_5370_controllers | < 20 - 30 | 20 - 30 |
| rockwell_automation | compactlogix_5370_l1_controllers | < 20 - 30 | 20 - 30 |
| rockwell_automation | compactlogix_5370_l2_controllers | < 20 - 30 | 20 - 30 |
| rockwell_automation | compactlogix_5370_l3_controllers | < 20 - 30 | 20 - 30 |
| rockwellautomation | armor_compact_guardlogix_5370_firmware | 20.011 – 30.014 | — |
| rockwellautomation | compact_guardlogix_5370_firmware | 20.011 – 30.014 | — |
| rockwellautomation | compactlogix_5370_l1_firmware | 20.011 – 30.014 | — |
| rockwellautomation | compactlogix_5370_l2_firmware | 20.011 – 30.014 | — |
| rockwellautomation | compactlogix_5370_l3_firmware | 20.011 – 30.014 | — |
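CVSS provenance
| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
| nvd | v2.0 | 7.8 | HIGH | AV:N/AC:L/Au:N/C:N/I:N/A:C |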
CISA ICS
Rockwell Automation CompactLogix 5370 (Update A)
cisa_ics·2019-04-30·CVSS 9.8
[CRITICAL] Rockwell Automation CompactLogix 5370 (Update A)
ICS Advisory
Last Revised: June 29, 2023
Alert Code: ICSA-19-120-01
## 1. EXECUTIVE SUMMARY
- CVSS v3 8.6
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Rockwell Automation
- Equipment: CompactLogix 5370
- Vulnerabilities: Uncontrolled Resource Consumption, Stack-based Buffer Overflow
## 2. UPDATE OR REPOSTED INFORMATION
This updated advisory is a follow-up to the original advisory titled “ICSA-19-120-01 Rockwell Automation CompactLogix 5370” that was published April 30, 2019, on the ICS webpage on cisa.gov/ICS.
## 3. RISK EVALUATION
Successful exploitation of these vulnerabilities could allow a remote attacker to render the web server unavailable and/or place the controller in a major non
GHSA
GHSA-w6v6-c9pm-2p53
ghsa_unreviewed · 2022-05-24
CVE-2019-10954 [HIGH] CWE-121
An attacker could send crafted SMTP packets to cause a denial-of-service condition where the controller enters a major non-recoverable faulted state (MNRF) in CompactLogix 5370 L1, L2, and L3 Controllers, Compact GuardLogix 5370 controllers, and Armor Compact GuardLogix 5370 Controllers Versions 20 to 30.014 and earlier.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
- http://www.securityfocus.com/bid/108118
- https://ics-cert.us-cert.gov/advisories/ICSA-19-120-01
- https://rockwellautomation.custhelp.com/app/answers/detail/a_id/1075979
Published: 2019-05-01