CRITICAL: CVE-2016-9343 (CVSS 10) — rockwellautomation softlogix 5800 controller firmware
CVE: CVE-2016-9343
CVSS: 10 (3.1) — CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Severity: CRITICAL
Status: Critical advisory
Affected
- rockwellautomation softlogix 5800 controller firmware
- rockwellautomation softlogix 5800 controller
- rockwellautomation rslogix emulate 5000 firmware
- rockwellautomation rslogix emulate 5000
- rockwellautomation guardlogix 5570 controller firmware
Summary
An issue was discovered in Rockwell Automation Logix5000 Programmable Automation Controller FRN 16.00 through 21.00 (excluding all firmware versions prior to FRN 16.00, which are not affected). By sending malformed common industrial protocol (CIP) packet, an attacker may be able to overflow a stack-based buffer and execute code on the controller or initiate a nonrecoverable fault resulting in a denial of service.
Verified Sources
References
- http://www.securityfocus.com/bid/95304
- https://ics-cert.us-cert.gov/advisories/ICSA-16-343-05
- http://www.securityfocus.com/bid/95304
- https://ics-cert.us-cert.gov/advisories/ICSA-16-343-05
_Validated by the Lyrie Threat Intelligence Pipeline — 3 independent sources confirmed before publication. No speculation._
Lyrie Verdict
A vulnerability of this severity is exactly what Lyrie's anti-rogue-AI defense is built for: continuous, autonomous monitoring that doesn't wait for human reaction time.
Validated sources
- [1]NVD
- [2]GitHub Advisory
- [3]MITRE