all InfoSec news
Rockwell Automation ControlLogix Communication Modules Vulnerabilities (CVE-2023-3595 and CVE-2023-3596)
July 17, 2023, 1:05 p.m. |
FortiGuard Labs | FortiGuard Center - Threat Signal Report fortiguard.fortinet.com
Rockwell Automation ControlLogix communications modules are devices from Rockwell Automation, a US-based automation technology company, and are used by various industry sectors including critical infrastructure to establish communication links between devices.
What is the Attack?
CVE-2023-3595 is an out-of-bounds write vulnerability that affects the vulnerable 1756 EN2* and 1756 EN3* series of Rockwell Automation ControlLogix EtherNet/IP communication modules. Successful exploitation of a vulnerable system via maliciously crafted Common Industrial Protocol (CIP) messages could …
attack automation communication communication modules communications controllogix critical critical infrastructure cve devices industry infrastructure links modules out-of-bounds out-of-bounds write rockwell rockwell automation rockwell automation controllogix sectors technology vulnerabilities vulnerability what is
More from fortiguard.fortinet.com / FortiGuard Labs | FortiGuard Center - Threat Signal Report
Tinyproxy use-after-free Vulnerability (CVE-2023-49606)
1 week, 2 days ago |
fortiguard.fortinet.com
Jobs in InfoSec / Cybersecurity
Information Security Engineers
@ D. E. Shaw Research | New York City
Technology Security Analyst
@ Halton Region | Oakville, Ontario, Canada
Senior Cyber Security Analyst
@ Valley Water | San Jose, CA
Security Operations Manager-West Coast
@ The Walt Disney Company | USA - CA - 2500 Broadway Street
Vulnerability Analyst - Remote (WFH)
@ Cognitive Medical Systems | Phoenix, AZ, US | Oak Ridge, TN, US | Austin, TX, US | Oregon, US | Austin, TX, US
Senior Mainframe Security Administrator
@ Danske Bank | Copenhagen V, Denmark