CVE-2018-19282

Sažetak

Rockwell Automation PowerFlex 525 AC Drives 5.001 and earlier allow remote attackers to cause a denial of service by crashing the Common Industrial Protocol (CIP) network stack. The vulnerability allows the attacker to crash the CIP in a way that it does not accept new connections, but keeps the current connections active, which can prevent legitimate users from recovering control.

Reference

https://applied-risk.com/application/files/4215/5385/2294/Advisory_AR2019004_Rockwell_Powerflex_525_Denial_of_Service.pdf
https://ics-cert.us-cert.gov/advisories/ICSA-19-087-01

CVSS

Base:	10.0
Impact:	10.0
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:N/AC:L/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

09-04-2019 - 14:35

Objavljeno

04-04-2019 - 21:29