Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2016-9343

An issue was discovered in Rockwell Automation Logix5000 Programmable Automation Controller FRN 16.00 through 21.00 (excluding all firmware versions prior to FRN 16.00, which are not affected). By sending malformed common industrial protocol (CIP) packet, an attacker may be able to overflow a stack-based buffer and execute code on the controller or initiate a nonrecoverable fault resulting in a denial of service.

Security Impact Summary

This vulnerability carries a CRITICAL severity rating with a CVSS v3.1 score of 10.0, indicating it can be exploited remotely over the network with relatively low complexity without requiring user interaction and does not require pre-existing privileges . The vulnerability impacts confidentiality (data exposure), integrity (unauthorized modifications), and availability (service disruption) for affected systems. Impacting 32 products from rockwellautomation, from rockwellautomation, from rockwellautomation and 29 others, organizations running these solutions should prioritize assessment and patching.

Historical Context

First disclosed in 2017, this vulnerability was reported during a period defined by widespread IoT adoption challenges, mobile security concerns, and the emergence of advanced persistent threat (APT) techniques. Contemporary mitigation strategies focused on secure development practices and third-party component vetting.

Published

2017-02-13T21:59:01.707

Last Modified

2025-04-20T01:37:25.860

Status

Deferred

Source

[email protected]

Severity

CVSSv3.1: 10.0 (CRITICAL)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

  • Access Vector: NETWORK
  • Access Complexity: LOW
  • Authentication: NONE
  • Confidentiality Impact: PARTIAL
  • Integrity Impact: PARTIAL
  • Availability Impact: PARTIAL
Exploitability Score

10.0

Impact Score

6.4

Weaknesses
  • Type: Primary
    CWE-787
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Operating System rockwellautomation softlogix_5800_controller_firmware 18.00 Yes
Operating System rockwellautomation softlogix_5800_controller_firmware 19.00 Yes
Operating System rockwellautomation softlogix_5800_controller_firmware 20.00 Yes
Operating System rockwellautomation softlogix_5800_controller_firmware 21.00 Yes
Hardware rockwellautomation softlogix_5800_controller - No
Operating System rockwellautomation rslogix_emulate_5000_firmware 18.00 Yes
Operating System rockwellautomation rslogix_emulate_5000_firmware 19.00 Yes
Operating System rockwellautomation rslogix_emulate_5000_firmware 20.00 Yes
Operating System rockwellautomation rslogix_emulate_5000_firmware 21.00 Yes
Hardware rockwellautomation rslogix_emulate_5000 - No
Operating System rockwellautomation guardlogix_5570_controller_firmware 16.00 Yes
Operating System rockwellautomation guardlogix_5570_controller_firmware 17.00 Yes
Operating System rockwellautomation guardlogix_5570_controller_firmware 18.00 Yes
Operating System rockwellautomation guardlogix_5570_controller_firmware 19.00 Yes
Operating System rockwellautomation guardlogix_5570_controller_firmware 20.00 Yes
Operating System rockwellautomation guardlogix_5570_controller_firmware 20.010 Yes
Operating System rockwellautomation guardlogix_5570_controller_firmware 20.017 Yes
Operating System rockwellautomation guardlogix_5570_controller_firmware 21.00 Yes
Hardware rockwellautomation guardlogix_5570_controller - No
Operating System rockwellautomation flexlogix_l34_controller_firmware 16.00 Yes
Hardware rockwellautomation flexlogix_l34_controller - No
Operating System rockwellautomation controllogix_l55_controller_firmware 16.00 Yes
Operating System rockwellautomation controllogix_l55_controller_firmware 16.020 Yes
Operating System rockwellautomation controllogix_l55_controller_firmware 16.022 Yes
Hardware rockwellautomation controllogix_l55_controller - No
Operating System rockwellautomation controllogix_5570_redundant_controller_firmware 20.00 Yes
Operating System rockwellautomation controllogix_5570_redundant_controller_firmware 20.050 Yes
Operating System rockwellautomation controllogix_5570_redundant_controller_firmware 20.055 Yes
Operating System rockwellautomation controllogix_5570_redundant_controller_firmware 21.00 Yes
Hardware rockwellautomation controllogix_5570_redundant_controller - No
Operating System rockwellautomation controllogix_5570_controller_firmware 18.00 Yes
Operating System rockwellautomation controllogix_5570_controller_firmware 19.00 Yes
Operating System rockwellautomation controllogix_5570_controller_firmware 20.010 Yes
Operating System rockwellautomation controllogix_5570_controller_firmware 20.013 Yes
Operating System rockwellautomation controllogix_5570_controller_firmware 21.00 Yes
Hardware rockwellautomation controllogix_5570_controller - No
Operating System rockwellautomation controllogix_5560_redundant_controller_firmware 16.00 Yes
Operating System rockwellautomation controllogix_5560_redundant_controller_firmware 19.00 Yes
Operating System rockwellautomation controllogix_5560_redundant_controller_firmware 20.00 Yes
Operating System rockwellautomation controllogix_5560_redundant_controller_firmware 20.050 Yes
Operating System rockwellautomation controllogix_5560_redundant_controller_firmware 20.055 Yes
Hardware rockwellautomation controllogix_5560_redundant_controller - No
Operating System rockwellautomation controllogix_5560_controller_firmware 16.00 Yes
Operating System rockwellautomation controllogix_5560_controller_firmware 16.020 Yes
Operating System rockwellautomation controllogix_5560_controller_firmware 16.022 Yes
Operating System rockwellautomation controllogix_5560_controller_firmware 17.00 Yes
Operating System rockwellautomation controllogix_5560_controller_firmware 18.00 Yes
Operating System rockwellautomation controllogix_5560_controller_firmware 19.00 Yes
Operating System rockwellautomation controllogix_5560_controller_firmware 20.00 Yes
Operating System rockwellautomation controllogix_5560_controller_firmware 20.010 Yes
Operating System rockwellautomation controllogix_5560_controller_firmware 20.013 Yes
Hardware rockwellautomation controllogix_5560_controller - No
Operating System rockwellautomation 1769_compactlogix_l3x_controller_firmware 16.00 Yes
Operating System rockwellautomation 1769_compactlogix_l3x_controller_firmware 16.020 Yes
Operating System rockwellautomation 1769_compactlogix_l3x_controller_firmware 16.023 Yes
Operating System rockwellautomation 1769_compactlogix_l3x_controller_firmware 17.00 Yes
Operating System rockwellautomation 1769_compactlogix_l3x_controller_firmware 18.00 Yes
Operating System rockwellautomation 1769_compactlogix_l3x_controller_firmware 19.00 Yes
Operating System rockwellautomation 1769_compactlogix_l3x_controller_firmware 20.00 Yes
Operating System rockwellautomation 1769_compactlogix_l3x_controller_firmware 20.010 Yes
Operating System rockwellautomation 1769_compactlogix_l3x_controller_firmware 20.013 Yes
Hardware rockwellautomation 1769_compactlogix_l3x_controller - No
Operating System rockwellautomation 1769_compactlogix_l23x_controller_firmware 16.00 Yes
Operating System rockwellautomation 1769_compactlogix_l23x_controller_firmware 17.00 Yes
Operating System rockwellautomation 1769_compactlogix_l23x_controller_firmware 18.00 Yes
Operating System rockwellautomation 1769_compactlogix_l23x_controller_firmware 19.00 Yes
Operating System rockwellautomation 1769_compactlogix_l23x_controller_firmware 20.00 Yes
Operating System rockwellautomation 1769_compactlogix_l23x_controller_firmware 20.010 Yes
Operating System rockwellautomation 1769_compactlogix_l23x_controller_firmware 20.013 Yes
Hardware rockwellautomation 1769_compactlogix_l23x_controller - No
Operating System rockwellautomation 1769_compactlogix_5370_l3_controller_firmware 20.00 Yes
Operating System rockwellautomation 1769_compactlogix_5370_l3_controller_firmware 20.010 Yes
Operating System rockwellautomation 1769_compactlogix_5370_l3_controller_firmware 20.013 Yes
Operating System rockwellautomation 1769_compactlogix_5370_l3_controller_firmware 21.00 Yes
Hardware rockwellautomation 1769_compactlogix_5370_l3_controller - No
Operating System rockwellautomation 1769_compactlogix_5370_l2_controller_firmware 20.00 Yes
Operating System rockwellautomation 1769_compactlogix_5370_l2_controller_firmware 20.010 Yes
Operating System rockwellautomation 1769_compactlogix_5370_l2_controller_firmware 20.013 Yes
Operating System rockwellautomation 1769_compactlogix_5370_l2_controller_firmware 21.00 Yes
Hardware rockwellautomation 1769_compactlogix_5370_l2_controller - No
Operating System rockwellautomation 1769_compactlogix_5370_l1_controller_firmware 20.00 Yes
Operating System rockwellautomation 1769_compactlogix_5370_l1_controller_firmware 20.010 Yes
Operating System rockwellautomation 1769_compactlogix_5370_l1_controller_firmware 20.013 Yes
Operating System rockwellautomation 1769_compactlogix_5370_l1_controller_firmware 21.00 Yes
Hardware rockwellautomation 1769_compactlogix_5370_l1_controller - No
Operating System rockwellautomation 1768_compactlogix_l4x_controller_firmware 16.00 Yes
Operating System rockwellautomation 1768_compactlogix_l4x_controller_firmware 16.020 Yes
Operating System rockwellautomation 1768_compactlogix_l4x_controller_firmware 16.025 Yes
Operating System rockwellautomation 1768_compactlogix_l4x_controller_firmware 17.00 Yes
Operating System rockwellautomation 1768_compactlogix_l4x_controller_firmware 18.00 Yes
Operating System rockwellautomation 1768_compactlogix_l4x_controller_firmware 19.00 Yes
Operating System rockwellautomation 1768_compactlogix_l4x_controller_firmware 20.00 Yes
Operating System rockwellautomation 1768_compactlogix_l4x_controller_firmware 20.011 Yes
Operating System rockwellautomation 1768_compactlogix_l4x_controller_firmware 20.016 Yes
Hardware rockwellautomation 1768_compactlogix_l4x_controller - No
Operating System rockwellautomation 1768_compact_guardlogix_l4xs_controller_firmware 18.00 Yes
Operating System rockwellautomation 1768_compact_guardlogix_l4xs_controller_firmware 19.00 Yes
Operating System rockwellautomation 1768_compact_guardlogix_l4xs_controller_firmware 20.00 Yes
Operating System rockwellautomation 1768_compact_guardlogix_l4xs_controller_firmware 20.011 Yes
Operating System rockwellautomation 1768_compact_guardlogix_l4xs_controller_firmware 20.013 Yes
Hardware rockwellautomation 1768_compact_guardlogix_l4xs_controller - No
References

How SecUtils Interprets This CVE

SecUtils normalizes and enriches National Vulnerability Database (NVD) records by standardizing vendor and product identifiers, aggregating vulnerability metadata from both NVD and MITRE sources, and providing structured context for security teams. For rockwellautomation's affected products, we extract Common Platform Enumeration (CPE) data, Common Weakness Enumeration (CWE) classifications, CVSS severity metrics, and reference data to enable rapid vulnerability prioritization and asset correlation. This record contains no exploit code, proof-of-concept instructions, or attack methodologies—only defensive intelligence necessary for patch management, risk assessment, and security operations.