CVE-2016-9343

Name of the Vulnerable Software and Affected Versions Rockwell Automation Logix5000 Programmable Automation Controller versions 16.00 through 21.00

Description An issue allows an attacker to potentially execute code on the controller or initiate a denial of service by sending a malformed common industrial protocol (CIP) packet, which can overflow a stack-based buffer.

Recommendations For versions 16.00 through 21.00, consider restricting access to the CIP protocol until a fix is available to prevent potential exploitation.