PT-2023-18590 · Rockwell Automation · 1756-En*

Published: 2023-09-20 · Updated: 2023-09-22 · CVE-2023-2262

CVSS v3.1: 9.8 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Rockwell Automation 1756-EN* communication devices (affected versions not specified)

Description

A buffer overflow vulnerability exists in select Rockwell Automation 1756-EN* communication devices. If exploited, a threat actor could potentially leverage this vulnerability to achieve remote code execution. To exploit this vulnerability, a threat actor would have to send a maliciously crafted CIP request to the device.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability. As a temporary workaround, consider restricting access to the vulnerable devices to minimize the risk of exploitation. Avoid using the vulnerable CIP request protocol until the issue is resolved.

Stack Overflow

Memory Corruption

Weakness Enumeration

Related Identifiers

CVE-2023-2262

Affected Products

1756-En*