CVE-2018-14827

Name of the Vulnerable Software and Affected Versions Rockwell Automation RSLinx Classic versions 4.00.01 and prior

Description The issue is related to an uncontrolled resource consumption vulnerability. A remote, unauthenticated threat actor may intentionally send specially crafted Ethernet/IP packets to "Port 44818", causing the software application to stop responding and crash, resulting in a denial of service. The user must restart the software to regain functionality.

Recommendations For Rockwell Automation RSLinx Classic versions 4.00.01 and prior, consider restricting access to "Port 44818" to minimize the risk of exploitation until a patch is available. As a temporary workaround, avoid using the affected port in the software configuration to prevent potential crashes. At the moment, there is no information about a newer version that contains a fix for this vulnerability.