CVE-2018-14827
First published: Thu Sep 20 2018(Updated: )
Rockwell Automation RSLinx Classic Versions 4.00.01 and prior. A remote, unauthenticated threat actor may intentionally send specially crafted Ethernet/IP packets to Port 44818, causing the software application to stop responding and crash. The user must restart the software to regain functionality.
Credit: ics-cert@hq.dhs.gov
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Rockwellautomation Rslinx | <=4.00.01 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this issue?
The vulnerability ID for this issue is CVE-2018-14827.
What is the severity rating of CVE-2018-14827?
CVE-2018-14827 has a severity rating of 7.5 (High).
Which software versions are affected by CVE-2018-14827?
Rockwell Automation RSLinx Classic Versions 4.00.01 and prior are affected by CVE-2018-14827.
What is the impact of exploiting CVE-2018-14827?
Exploiting CVE-2018-14827 can cause the software application to stop responding and crash, requiring a restart to regain functionality.
Is authentication required to exploit CVE-2018-14827?
No, CVE-2018-14827 can be exploited remotely by an unauthenticated threat actor.
- collector/nvd-index
- agent/references
- agent/severity
- agent/author
- agent/event
- vendor/rockwellautomation
- canonical/rockwellautomation rslinx
- version/rockwellautomation rslinx/4.00.01