What is CVE-2023-0027?

CVE-2023-0027 is a vulnerability in Rockwell Automation Modbus TCP Server AOI prior to version 2.04.00.

How severe is CVE-2023-0027?

CVE-2023-0027 has a severity rating of 4.3 (medium).

What is the affected software?

The affected software is Rockwell Automation Modbus TCP Server AOI version prior to 2.04.00.

What is the vulnerability description for CVE-2023-0027?

CVE-2023-0027 allows an unauthorized user to send a malformed message, causing the controller to respond with a copy of the most recent response to the last valid request.

How can CVE-2023-0027 be exploited?

CVE-2023-0027 can be exploited by an unauthorized user to read the connected devices.

Vulnerability/
CVE-2023-0027

medium

5.3

CWE

200

17/3/2023

2/8/2024

CVE-2023-0027: Rockwell Automation Modbus TCP AOI Server Could Leak Sensitive Information

First published: Fri Mar 17 2023(Updated: )

Rockwell Automation Modbus TCP Server AOI prior to 2.04.00 is vulnerable to an unauthorized user sending a malformed message that could cause the controller to respond with a copy of the most recent response to the last valid request. If exploited, an unauthorized user could read the connected device’s Modbus TCP Server AOI information.

Credit: PSIRT@rockwellautomation.com

Affected Software	Affected Version	How to fix
Rockwellautomation Modbus Tcp Server Add On Instructions	>=2.00.00<2.04.00

Remedy

Customers should update their software to versions 2.04.00 and later to mitigate this issue.

Never miss a vulnerability like this again

Reference Links

https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1138766

Frequently Asked Questions

What is CVE-2023-0027?
CVE-2023-0027 is a vulnerability in Rockwell Automation Modbus TCP Server AOI prior to version 2.04.00.
How severe is CVE-2023-0027?
CVE-2023-0027 has a severity rating of 4.3 (medium).
What is the affected software?
The affected software is Rockwell Automation Modbus TCP Server AOI version prior to 2.04.00.
What is the vulnerability description for CVE-2023-0027?
CVE-2023-0027 allows an unauthorized user to send a malformed message, causing the controller to respond with a copy of the most recent response to the last valid request.
How can CVE-2023-0027 be exploited?
CVE-2023-0027 can be exploited by an unauthorized user to read the connected devices.

collector/nvd-index
agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/references
agent/last-modified-date
agent/severity
agent/weakness
agent/remedy
agent/title
agent/author
agent/tags
agent/description
agent/first-publish-date
agent/event
vendor/rockwellautomation
canonical/rockwellautomation modbus tcp server add on instructions
version/rockwellautomation modbus tcp server add on instructions/2.00.00

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.