CVE-2023-2262

Summary

CVE	CVE-2023-2262
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2023-09-20 16:15:00 UTC
Updated	2023-09-22 18:01:00 UTC
Description	A buffer overflow vulnerability exists in the Rockwell Automation select 1756-EN* communication devices. If exploited, a threat actor could potentially leverage this vulnerability to perform a remote code execution. To exploit this vulnerability, a threat actor would have to send a maliciously crafted CIP request to device.

Risk And Classification

Problem Types: CWE-787

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Hardware	Rockwellautomation	1756-en2fk Series A	-	All	All	All
Operating System	Rockwellautomation	1756-en2fk Series A Firmware	All	All	All	All
Hardware	Rockwellautomation	1756-en2fk Series B	-	All	All	All
Operating System	Rockwellautomation	1756-en2fk Series B Firmware	All	All	All	All
Hardware	Rockwellautomation	1756-en2fk Series C	-	All	All	All
Operating System	Rockwellautomation	1756-en2fk Series C Firmware	All	All	All	All
Hardware	Rockwellautomation	1756-en2f Series A	-	All	All	All
Operating System	Rockwellautomation	1756-en2f Series A Firmware	All	All	All	All
Hardware	Rockwellautomation	1756-en2f Series B	-	All	All	All
Operating System	Rockwellautomation	1756-en2f Series B Firmware	All	All	All	All
Hardware	Rockwellautomation	1756-en2f Series C	-	All	All	All
Operating System	Rockwellautomation	1756-en2f Series C Firmware	All	All	All	All
Hardware	Rockwellautomation	1756-en2tk Series A	-	All	All	All
Operating System	Rockwellautomation	1756-en2tk Series A Firmware	All	All	All	All
Hardware	Rockwellautomation	1756-en2tk Series B	-	All	All	All
Operating System	Rockwellautomation	1756-en2tk Series B Firmware	All	All	All	All
Hardware	Rockwellautomation	1756-en2tk Series C	-	All	All	All
Operating System	Rockwellautomation	1756-en2tk Series C Firmware	All	All	All	All
Hardware	Rockwellautomation	1756-en2tpk Series A	-	All	All	All
Operating System	Rockwellautomation	1756-en2tpk Series A Firmware	All	All	All	All
Hardware	Rockwellautomation	1756-en2tpxt Series A	-	All	All	All
Operating System	Rockwellautomation	1756-en2tpxt Series A Firmware	All	All	All	All
Hardware	Rockwellautomation	1756-en2tp Series A	-	All	All	All
Operating System	Rockwellautomation	1756-en2tp Series A Firmware	All	All	All	All
Hardware	Rockwellautomation	1756-en2trk Series A	-	All	All	All
Operating System	Rockwellautomation	1756-en2trk Series A Firmware	All	All	All	All
Hardware	Rockwellautomation	1756-en2trk Series B	-	All	All	All
Operating System	Rockwellautomation	1756-en2trk Series B Firmware	All	All	All	All
Hardware	Rockwellautomation	1756-en2trk Series C	-	All	All	All
Operating System	Rockwellautomation	1756-en2trk Series C Firmware	All	All	All	All
Hardware	Rockwellautomation	1756-en2trxt Series A	-	All	All	All
Operating System	Rockwellautomation	1756-en2trxt Series A Firmware	All	All	All	All
Hardware	Rockwellautomation	1756-en2trxt Series B	-	All	All	All
Operating System	Rockwellautomation	1756-en2trxt Series B Firmware	All	All	All	All
Hardware	Rockwellautomation	1756-en2trxt Series C	-	All	All	All
Operating System	Rockwellautomation	1756-en2trxt Series C Firmware	All	All	All	All
Hardware	Rockwellautomation	1756-en2tr Series A	-	All	All	All
Operating System	Rockwellautomation	1756-en2tr Series A Firmware	All	All	All	All
Hardware	Rockwellautomation	1756-en2tr Series B	-	All	All	All
Operating System	Rockwellautomation	1756-en2tr Series B Firmware	All	All	All	All
Hardware	Rockwellautomation	1756-en2tr Series C	-	All	All	All
Operating System	Rockwellautomation	1756-en2tr Series C Firmware	All	All	All	All
Hardware	Rockwellautomation	1756-en2txt Series A	-	All	All	All
Operating System	Rockwellautomation	1756-en2txt Series A Firmware	All	All	All	All
Hardware	Rockwellautomation	1756-en2txt Series B	-	All	All	All
Operating System	Rockwellautomation	1756-en2txt Series B Firmware	All	All	All	All
Hardware	Rockwellautomation	1756-en2txt Series C	-	All	All	All
Operating System	Rockwellautomation	1756-en2txt Series C Firmware	All	All	All	All
Hardware	Rockwellautomation	1756-en2txt Series D	-	All	All	All
Operating System	Rockwellautomation	1756-en2txt Series D Firmware	All	All	All	All
Hardware	Rockwellautomation	1756-en2t Series A	-	All	All	All
Operating System	Rockwellautomation	1756-en2t Series A Firmware	All	All	All	All
Hardware	Rockwellautomation	1756-en2t Series B	-	All	All	All
Operating System	Rockwellautomation	1756-en2t Series B Firmware	All	All	All	All
Hardware	Rockwellautomation	1756-en2t Series C	-	All	All	All
Operating System	Rockwellautomation	1756-en2t Series C Firmware	All	All	All	All
Hardware	Rockwellautomation	1756-en2t Series D	-	All	All	All
Operating System	Rockwellautomation	1756-en2t Series D Firmware	All	All	All	All
Hardware	Rockwellautomation	1756-en3trk Series A	-	All	All	All
Operating System	Rockwellautomation	1756-en3trk Series A Firmware	All	All	All	All
Hardware	Rockwellautomation	1756-en3trk Series B	-	All	All	All
Operating System	Rockwellautomation	1756-en3trk Series B Firmware	All	All	All	All
Hardware	Rockwellautomation	1756-en3tr Series A	-	All	All	All
Operating System	Rockwellautomation	1756-en3tr Series A Firmware	All	All	All	All
Hardware	Rockwellautomation	1756-en3tr Series B	-	All	All	All
Operating System	Rockwellautomation	1756-en3tr Series B Firmware	All	All	All	All

References

Reference	Source	Link	Tags
Select Logix Communication Modules Vulnerable to Email Object Buffer Overflow	MISC	rockwellautomation.custhelp.com
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

There are currently no legacy QID mappings associated with this CVE.