CVE-2023-7242

Name of the Vulnerable Software and Affected Versions Zeek Plugin versions d78dda6 and prior

Description The issue is related to an out-of-bounds read during the analysis of a specific Ethercat packet, which could allow an attacker to crash the Zeek process and leak some information in memory. This could potentially lead to a denial of service or unauthorized access to protected information.

Recommendations For Zeek Plugin versions d78dda6 and prior, consider disabling the affected Ethercat packet analysis functionality until a patch is available. Restrict access to the vulnerable Zeek Plugin to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.