CVE-2017-9312

Severity CVSS v4.0:
Pending analysis
Type:
CWE-20 Input Validation
Publication date:
25/06/2018
Last modified:
23/08/2018

Description

Improperly implemented option-field processing in the TCP/IP stack on Allen-Bradley L30ERMS safety devices v30 and earlier causes a denial of service. When a crafted TCP packet is received, the device reboots immediately.

Vulnerable products and versions

CPE From Up to
cpe:2.3:o:rockwellautomation:allen-bradley_l30erms_firmware:*:*:*:*:*:*:*:* 30 (including)
cpe:2.3:h:rockwellautomation:allen-bradley_l30erms:-:*:*:*:*:*:*:*