Remote code execution in Rockwell Automation Stratix, ArmorStratix and Allen-Bradley Stratix



Updated: 2023-04-19
Risk: High
Patch available: NO
Number of vulnerabilities: 9
CVE-ID:
CVE-2017-6736
CVE-2017-6737
CVE-2017-6738
CVE-2017-6739
CVE-2017-6740
CVE-2017-6741
CVE-2017-6742
CVE-2017-6743
CVE-2017-6744
CWE-ID: CWE-120
Exploitation vector: Network
Public exploit:
Vulnerability #1 is being exploited in the wild.
Vulnerability #2 is being exploited in the wild.
Vulnerability #3 is being exploited in the wild.
Vulnerability #4 is being exploited in the wild.
Vulnerability #5 is being exploited in the wild.
Vulnerability #7 is being exploited in the wild.
Vulnerability #8 is being exploited in the wild.
Vulnerability #9 is being exploited in the wild.
Vulnerable software
Allen-Bradley Stratix 8300 Modular Managed Ethernet Switches
Hardware solutions / Routers & switches, VoIP, GSM, etc

Allen-Bradley Stratix 5900 Services Router
Hardware solutions / Routers & switches, VoIP, GSM, etc

Allen-Bradley Stratix 8000 Modular Managed Ethernet Switches
Hardware solutions / Routers & switches, VoIP, GSM, etc

Allen-Bradley ArmorStratix 5700 Industrial Managed Ethernet Switches
Hardware solutions / Routers & switches, VoIP, GSM, etc

Allen-Bradley Stratix 5700 Industrial Managed Ethernet Switches
Hardware solutions / Routers & switches, VoIP, GSM, etc

Allen-Bradley Stratix 5410 Industrial Distribution Switches
Hardware solutions / Routers & switches, VoIP, GSM, etc

Allen-Bradley Stratix 5400 Industrial Ethernet Switches
Hardware solutions / Routers & switches, VoIP, GSM, etc

Vendor Rockwell Automation

Security Bulletin

This security bulletin contains information about 9 vulnerabilities.

1) Buffer overflow

EUVDB-ID: #VU7290

Risk: High

CVSSv4.0: 8.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Amber]

CVE-ID: CVE-2017-6736

CWE-ID: CWE-120 - Buffer overflow

Exploit availability: Yes

Description

The vulnerability allows a remote authenticated attacker to execute arbitrary code on the target system.

The weakness exists in the Simple Network Management Protocol (SNMP) subsystem due to a buffer overflow when handling malicious input. A remote attacker can send a specially crafted SNMP packet via IPv4 or IPv6, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of the vulnerability results in system compromise.

Mitigation

Cybersecurity Help is currently unaware of any official patch addressing the vulnerability.

Vulnerable software versions

Allen-Bradley Stratix 8300 Modular Managed Ethernet Switches: 15.2(4)EA

Allen-Bradley Stratix 5900 Services Router: 15.6(3)M1

Allen-Bradley Stratix 8000 Modular Managed Ethernet Switches: 15.2(5)EA.fc4

Allen-Bradley ArmorStratix 5700 Industrial Managed Ethernet Switches: 15.2(5)EA.fc4

Allen-Bradley Stratix 5700 Industrial Managed Ethernet Switches: 15.2(5)EA.fc4

Allen-Bradley Stratix 5410 Industrial Distribution Switches: 15.2(5)EA.fc4

Allen-Bradley Stratix 5400 Industrial Ethernet Switches: 15.2(5)EA.fc4

External links

https://ics-cert.us-cert.gov/advisories/ICSA-17-208-04


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

How can the attacker exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware that exploits this vulnerability?

Yes. This vulnerability is being exploited in the wild.

2) Buffer overflow

EUVDB-ID: #VU7291

Risk: High

CVSSv4.0: 8.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Amber]

CVE-ID: CVE-2017-6737

CWE-ID: CWE-120 - Buffer overflow

Exploit availability: No

Description

The vulnerability allows a remote authenticated attacker to execute arbitrary code on the target system.

The weakness exists in the Simple Network Management Protocol (SNMP) subsystem due to a buffer overflow when handling malicious input. A remote attacker can send a specially crafted SNMP packet via IPv4 or IPv6, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of the vulnerability results in system compromise.

Mitigation

Cybersecurity Help is currently unaware of any official patch addressing the vulnerability.

Vulnerable software versions

Allen-Bradley Stratix 8300 Modular Managed Ethernet Switches: 15.2(4)EA

Allen-Bradley Stratix 5900 Services Router: 15.6(3)M1

Allen-Bradley Stratix 8000 Modular Managed Ethernet Switches: 15.2(5)EA.fc4

Allen-Bradley ArmorStratix 5700 Industrial Managed Ethernet Switches: 15.2(5)EA.fc4

Allen-Bradley Stratix 5700 Industrial Managed Ethernet Switches: 15.2(5)EA.fc4

Allen-Bradley Stratix 5410 Industrial Distribution Switches: 15.2(5)EA.fc4

Allen-Bradley Stratix 5400 Industrial Ethernet Switches: 15.2(5)EA.fc4

External links

https://ics-cert.us-cert.gov/advisories/ICSA-17-208-04


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

How can the attacker exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware that exploits this vulnerability?

Yes. This vulnerability is being exploited in the wild.

3) Buffer overflow

EUVDB-ID: #VU7292

Risk: High

CVSSv4.0: 8.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Amber]

CVE-ID: CVE-2017-6738

CWE-ID: CWE-120 - Buffer overflow

Exploit availability: No

Description

The vulnerability allows a remote authenticated attacker to execute arbitrary code on the target system.

The weakness exists in the Simple Network Management Protocol (SNMP) subsystem due to a buffer overflow when handling malicious input. A remote attacker can send a specially crafted SNMP packet via IPv4 or IPv6, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of the vulnerability results in system compromise.

Mitigation

Cybersecurity Help is currently unaware of any official patch addressing the vulnerability.

Vulnerable software versions

Allen-Bradley Stratix 8300 Modular Managed Ethernet Switches: 15.2(4)EA

Allen-Bradley Stratix 5900 Services Router: 15.6(3)M1

Allen-Bradley Stratix 8000 Modular Managed Ethernet Switches: 15.2(5)EA.fc4

Allen-Bradley ArmorStratix 5700 Industrial Managed Ethernet Switches: 15.2(5)EA.fc4

Allen-Bradley Stratix 5700 Industrial Managed Ethernet Switches: 15.2(5)EA.fc4

Allen-Bradley Stratix 5410 Industrial Distribution Switches: 15.2(5)EA.fc4

Allen-Bradley Stratix 5400 Industrial Ethernet Switches: 15.2(5)EA.fc4

External links

https://ics-cert.us-cert.gov/advisories/ICSA-17-208-04


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

How can the attacker exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware that exploits this vulnerability?

Yes. This vulnerability is being exploited in the wild.

4) Buffer overflow

EUVDB-ID: #VU7293

Risk: High

CVSSv4.0: 8.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Amber]

CVE-ID: CVE-2017-6739

CWE-ID: CWE-120 - Buffer overflow

Exploit availability: No

Description

The vulnerability allows a remote authenticated attacker to execute arbitrary code on the target system.

The weakness exists in the Simple Network Management Protocol (SNMP) subsystem due to a buffer overflow when handling malicious input. A remote attacker can send a specially crafted SNMP packet via IPv4 or IPv6, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of the vulnerability results in system compromise.

Mitigation

Cybersecurity Help is currently unaware of any official patch addressing the vulnerability.

Vulnerable software versions

Allen-Bradley Stratix 8300 Modular Managed Ethernet Switches: 15.2(4)EA

Allen-Bradley Stratix 5900 Services Router: 15.6(3)M1

Allen-Bradley Stratix 8000 Modular Managed Ethernet Switches: 15.2(5)EA.fc4

Allen-Bradley ArmorStratix 5700 Industrial Managed Ethernet Switches: 15.2(5)EA.fc4

Allen-Bradley Stratix 5700 Industrial Managed Ethernet Switches: 15.2(5)EA.fc4

Allen-Bradley Stratix 5410 Industrial Distribution Switches: 15.2(5)EA.fc4

Allen-Bradley Stratix 5400 Industrial Ethernet Switches: 15.2(5)EA.fc4

External links

https://ics-cert.us-cert.gov/advisories/ICSA-17-208-04


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

How can the attacker exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware that exploits this vulnerability?

Yes. This vulnerability is being exploited in the wild.

5) Buffer overflow

EUVDB-ID: #VU7294

Risk: High

CVSSv4.0: 8.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Amber]

CVE-ID: CVE-2017-6740

CWE-ID: CWE-120 - Buffer overflow

Exploit availability: No

Description

The vulnerability allows a remote authenticated attacker to execute arbitrary code on the target system.

The weakness exists in the Simple Network Management Protocol (SNMP) subsystem due to a buffer overflow when handling malicious input. A remote attacker can send a specially crafted SNMP packet via IPv4 or IPv6, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of the vulnerability results in system compromise.

Mitigation

Cybersecurity Help is currently unaware of any official patch addressing the vulnerability.

Vulnerable software versions

Allen-Bradley Stratix 8300 Modular Managed Ethernet Switches: 15.2(4)EA

Allen-Bradley Stratix 5900 Services Router: 15.6(3)M1

Allen-Bradley Stratix 8000 Modular Managed Ethernet Switches: 15.2(5)EA.fc4

Allen-Bradley ArmorStratix 5700 Industrial Managed Ethernet Switches: 15.2(5)EA.fc4

Allen-Bradley Stratix 5700 Industrial Managed Ethernet Switches: 15.2(5)EA.fc4

Allen-Bradley Stratix 5410 Industrial Distribution Switches: 15.2(5)EA.fc4

Allen-Bradley Stratix 5400 Industrial Ethernet Switches: 15.2(5)EA.fc4

External links

https://ics-cert.us-cert.gov/advisories/ICSA-17-208-04


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

How can the attacker exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware that exploits this vulnerability?

Yes. This vulnerability is being exploited in the wild.

6) Buffer overflow

EUVDB-ID: #VU7295

Risk: High

CVSSv4.0: 6.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2017-6741

CWE-ID: CWE-120 - Buffer overflow

Exploit availability: No

Description

The vulnerability allows a remote authenticated attacker to execute arbitrary code on the target system.

The weakness exists in the Simple Network Management Protocol (SNMP) subsystem due to a buffer overflow when handling malicious input. A remote attacker can send a specially crafted SNMP packet via IPv4 or IPv6, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of the vulnerability results in system compromise.

Mitigation

Cybersecurity Help is currently unaware of any official patch addressing the vulnerability.

Vulnerable software versions

Allen-Bradley Stratix 8300 Modular Managed Ethernet Switches: 15.2(4)EA

Allen-Bradley Stratix 5900 Services Router: 15.6(3)M1

Allen-Bradley Stratix 8000 Modular Managed Ethernet Switches: 15.2(5)EA.fc4

Allen-Bradley ArmorStratix 5700 Industrial Managed Ethernet Switches: 15.2(5)EA.fc4

Allen-Bradley Stratix 5700 Industrial Managed Ethernet Switches: 15.2(5)EA.fc4

Allen-Bradley Stratix 5410 Industrial Distribution Switches: 15.2(5)EA.fc4

Allen-Bradley Stratix 5400 Industrial Ethernet Switches: 15.2(5)EA.fc4

External links

https://ics-cert.us-cert.gov/advisories/ICSA-17-208-04


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

How can the attacker exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Buffer overflow

EUVDB-ID: #VU7296

Risk: High

CVSSv4.0: 8.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Amber]

CVE-ID: CVE-2017-6742

CWE-ID: CWE-120 - Buffer overflow

Exploit availability: No

Description

The vulnerability allows a remote authenticated attacker to execute arbitrary code on the target system.

The weakness exists in the Simple Network Management Protocol (SNMP) subsystem due to a buffer overflow when handling malicious input. A remote attacker can send a specially crafted SNMP packet via IPv4 or IPv6, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of the vulnerability results in system compromise.

Mitigation

Cybersecurity Help is currently unaware of any official patch addressing the vulnerability.

Vulnerable software versions

Allen-Bradley Stratix 8300 Modular Managed Ethernet Switches: 15.2(4)EA

Allen-Bradley Stratix 5900 Services Router: 15.6(3)M1

Allen-Bradley Stratix 8000 Modular Managed Ethernet Switches: 15.2(5)EA.fc4

Allen-Bradley ArmorStratix 5700 Industrial Managed Ethernet Switches: 15.2(5)EA.fc4

Allen-Bradley Stratix 5700 Industrial Managed Ethernet Switches: 15.2(5)EA.fc4

Allen-Bradley Stratix 5410 Industrial Distribution Switches: 15.2(5)EA.fc4

Allen-Bradley Stratix 5400 Industrial Ethernet Switches: 15.2(5)EA.fc4

External links

https://ics-cert.us-cert.gov/advisories/ICSA-17-208-04


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

How can the attacker exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware that exploits this vulnerability?

Yes. This vulnerability is being exploited in the wild.

8) Buffer overflow

EUVDB-ID: #VU7297

Risk: High

CVSSv4.0: 8.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Amber]

CVE-ID: CVE-2017-6743

CWE-ID: CWE-120 - Buffer overflow

Exploit availability: No

Description

The vulnerability allows a remote authenticated attacker to execute arbitrary code on the target system.

The weakness exists in the Simple Network Management Protocol (SNMP) subsystem due to a buffer overflow when handling malicious input. A remote attacker can send a specially crafted SNMP packet via IPv4 or IPv6, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of the vulnerability results in system compromise.

Mitigation

Cybersecurity Help is currently unaware of any official patch addressing the vulnerability.

Vulnerable software versions

Allen-Bradley Stratix 8300 Modular Managed Ethernet Switches: 15.2(4)EA

Allen-Bradley Stratix 5900 Services Router: 15.6(3)M1

Allen-Bradley Stratix 8000 Modular Managed Ethernet Switches: 15.2(5)EA.fc4

Allen-Bradley ArmorStratix 5700 Industrial Managed Ethernet Switches: 15.2(5)EA.fc4

Allen-Bradley Stratix 5700 Industrial Managed Ethernet Switches: 15.2(5)EA.fc4

Allen-Bradley Stratix 5410 Industrial Distribution Switches: 15.2(5)EA.fc4

Allen-Bradley Stratix 5400 Industrial Ethernet Switches: 15.2(5)EA.fc4

External links

https://ics-cert.us-cert.gov/advisories/ICSA-17-208-04


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

How can the attacker exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware that exploits this vulnerability?

Yes. This vulnerability is being exploited in the wild.

9) Buffer overflow

EUVDB-ID: #VU7298

Risk: High

CVSSv4.0: 8.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Amber]

CVE-ID: CVE-2017-6744

CWE-ID: CWE-120 - Buffer overflow

Exploit availability: No

Description

The vulnerability allows a remote authenticated attacker to execute arbitrary code on the target system.

The weakness exists in the Simple Network Management Protocol (SNMP) subsystem due to a buffer overflow when handling malicious input. A remote attacker can send a specially crafted SNMP packet via IPv4 or IPv6, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of the vulnerability results in system compromise.

Mitigation

Cybersecurity Help is currently unaware of any official patch addressing the vulnerability.

Vulnerable software versions

Allen-Bradley Stratix 8300 Modular Managed Ethernet Switches: 15.2(4)EA

Allen-Bradley Stratix 5900 Services Router: 15.6(3)M1

Allen-Bradley Stratix 8000 Modular Managed Ethernet Switches: 15.2(5)EA.fc4

Allen-Bradley ArmorStratix 5700 Industrial Managed Ethernet Switches: 15.2(5)EA.fc4

Allen-Bradley Stratix 5700 Industrial Managed Ethernet Switches: 15.2(5)EA.fc4

Allen-Bradley Stratix 5410 Industrial Distribution Switches: 15.2(5)EA.fc4

Allen-Bradley Stratix 5400 Industrial Ethernet Switches: 15.2(5)EA.fc4

External links

https://ics-cert.us-cert.gov/advisories/ICSA-17-208-04


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

How can the attacker exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware that exploits this vulnerability?

Yes. This vulnerability is being exploited in the wild.


