cbcvebase.
CVE-2022-43605
published 2023-03-16

CVE-2022-43605: An out-of-bounds write vulnerability exists in the SetAttributeList attribute_count_request functionality of EIP Stack Group OpENer development commit 58ee13c…

PriorityP271critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
14.37%
96.2th percentile
An out-of-bounds write vulnerability exists in the SetAttributeList attribute_count_request functionality of EIP Stack Group OpENer development commit 58ee13c. A specially crafted EtherNet/IP request can lead to an out of bounds write, potentially causing the server to crash or allow for remote code execution. An attacker can send a series of EtherNet/IP requests to trigger this vulnerability.

Affected

2 ranges
VendorProductVersion rangeFixed in
eip_stack_groupopener
opener_projectopener< 2022-10-182022-10-18

Detection & IOCsextracted from sources · hover to see the quote

snort
Snort rules 60983-60985
  • Detect exploitation attempts against CVE-2022-43605 using Cisco Snort rules 60983–60985, available via Cisco Secure Firewall Management Center or Snort.org.
  • The vulnerability is triggered via a specially crafted EtherNet/IP request targeting the SetAttributeList attribute_count_request functionality, leading to an out-of-bounds write. Monitor for anomalous EtherNet/IP traffic targeting this function.
  • ·Vulnerability confirmed only in EIP Stack Group OpENer development commit 58ee13c. Ensure patched versions are deployed.
  • ·Snort rules 60983–60985 are subject to change as additional vulnerability information becomes available; always reference the latest rule definitions.
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.