Rockwell Automation RSLinx Classic < 3.73.00 Buffer Overflow
Severity: High
Nessus Plugin ID: 83523
Synopsis: An application running on the remote host is affected by an arbitrary code execution vulnerability.
Description: The remote host has a version of RSLinx Classic installed that is prior to 3.73.00. It is, therefore, affected by an arbitrary code execution vulnerability due to an overflow condition caused by improper validation of user-supplied input. A local attacker can exploit this, via a specially crafted comma-separated value (CSV) file, to cause a stack-based buffer overflow, resulting in a denial-of-service condition or the execution of arbitrary code.
Solution: Upgrade to Rockwell Automation RSLinx Classic version 3.73.00 or later.