PT-2018-8505 · Allen Bradley · L30Erms

Published

2018-06-25

Updated

2018-08-23

CVE-2017-9312

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Allen-Bradley L30ERMS safety devices versions v30 and earlier

Description The issue is caused by improperly implemented option-field processing in the TCP/IP stack, leading to a denial of service when a crafted TCP packet is received, resulting in the device rebooting immediately.

Recommendations For versions v30 and earlier, update to a version later than v30 to resolve the issue.

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

CVE-2017-9312

Affected Products

L30Erms

PT-2018-8505 · Allen Bradley · L30Erms

CVE-2017-9312

Weakness Enumeration

Related Identifiers

Affected Products

References · 4