Rewterz Threat Advisory – Cisco Nexus 5600 / 6000 Series Switches NX-OS FCoE Denial of Service Vulnerability
March 7, 2019Rewterz Threat Advisory – CVE-2019-1599 – Cisco Multiple Nexus Switches NX-OS Netstack Denial of Service Vulnerability
March 7, 2019Rewterz Threat Advisory – Cisco Nexus 5600 / 6000 Series Switches NX-OS FCoE Denial of Service Vulnerability
March 7, 2019Rewterz Threat Advisory – CVE-2019-1599 – Cisco Multiple Nexus Switches NX-OS Netstack Denial of Service Vulnerability
March 7, 2019Severity
High
Analysis Summary
An input validation issue in a .dll file of RSLinx Classic where the data in a Forward Open service request is passed to a fixed size buffer, allowing an attacker to exploit a stack-based buffer overflow condition.
Affected Vendors
Rockwell Automation
Affected Products
RSLinx Classic Versions 4.10.00 and prior
Remediation
Rockwell Automation has released patches to address earlier versions of RSLinx Classic including v3.60, v3.70, v3.80, v3.81, v3.90, v4.00.01, v4.10.