CVE-2022-43604
published 2023-03-16CVE-2022-43604: An out-of-bounds write vulnerability exists in the GetAttributeList attribute_count_request functionality of EIP Stack Group OpENer development commit 58ee13c…
PriorityP271critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
14.37%
96.2th percentile
An out-of-bounds write vulnerability exists in the GetAttributeList attribute_count_request functionality of EIP Stack Group OpENer development commit 58ee13c. A specially crafted EtherNet/IP request can lead to an out-of-bounds write, potentially causing the server to crash or allow for remote code execution. An attacker can send a series of EtherNet/IP requests to trigger this vulnerability.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| eip_stack_group | opener | — | — |
| opener_project | opener | < 2022-10-18 | 2022-10-18 |
Detection & IOCsextracted from sources · hover to see the quote
snort↗
Snort rules 60983-60985
- →Exploit targets the GetAttributeList attribute_count_request functionality in EIP Stack Group OpENer; detect specially crafted EtherNet/IP requests targeting this function. ↗
- →Monitor for exploitation attempts using Snort rules 60983–60985 via Cisco Secure Firewall Management Center or Snort.org; rules may be updated as additional vulnerability information becomes available. ↗
- ·Vulnerability is confirmed in a specific development commit of OpENer; only commit 58ee13c has been tested and confirmed exploitable. ↗
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
Talos
Vulnerability Spotlight: EIP Stack Group OpENer open to two remote code execution vulnerabilities
blogs_talos·2023-02-23·CVSS 10.0
CVE-2022-43605 [CRITICAL] Vulnerability Spotlight: EIP Stack Group OpENer open to two remote code execution vulnerabilities
Cisco Talos recently discovered three vulnerabilities in EIP Stack Group OpENer, an ethernet/IP stack for I/O adapter devices, that could allow an attacker to cause a targeted server to crash or open the door to remote code execution.
Two of the vulnerabilities, TALOS-2022-1662 (CVE-2022-43605) and TALOS-2022-1661 (CVE-2022-43604) are considered to be considered of critical importance, with a CVSS score of a maximum 10 out of 10.
An adversary could exploit either of these vulnerabilities with an ethernet/IP request targeted at two functions on the software. These malicious requests could lead to an out-of-bounds write, potentially causing the server to crash or allowing the adversary to execute remote code on the targeted server.
TALOS-2022-1663 (CVE-2022-43606) is also caused by a spec
Talos
Vulnerability Spotlight: EIP Stack Group OpENer open to two remote code execution vulnerabilities
blogs_talos·2023-02-23·CVSS 10.0
CVE-2022-43605 [CRITICAL] Vulnerability Spotlight: EIP Stack Group OpENer open to two remote code execution vulnerabilities
## Vulnerability Spotlight: EIP Stack Group OpENer open to two remote code execution vulnerabilities
Cisco Talos recently discovered three vulnerabilities in EIP Stack Group OpENer, an ethernet/IP stack for I/O adapter devices, that could allow an attacker to cause a targeted server to crash or open the door to remote code execution.
Two of the vulnerabilities, TALOS-2022-1662 (CVE-2022-43605) and TALOS-2022-1661 (CVE-2022-43604) are considered to be considered of critical importance, with a CVSS score of a maximum 10 out of 10.
An adversary could exploit either of these vulnerabilities with an ethernet/IP request targeted at two functions on the software. These malicious requests could lead to an out-of-bounds write, potentially causing the server to crash or allowing the adversary to
2023-03-16
Published