CVE-2019-6553
CRITICALRockwell Automation RSLinx Classic < 4.10.00 - Stack-based Buffer Overflow via Forward Open Service Request
Title source: llmDescription
A vulnerability was found in Rockwell Automation RSLinx Classic versions 4.10.00 and prior. An input validation issue in a .dll file of RSLinx Classic where the data in a Forward Open service request is passed to a fixed size buffer, allowing an attacker to exploit a stack-based buffer overflow condition.
References (1)
Core 1
Core References
Third Party Advisory, US Government Resource x_refsource_misc
https://ics-cert.us-cert.gov/advisories/ICSA-19-064-01
Scores
CVSS v3
9.8
EPSS
0.1725
EPSS Percentile
95.1%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-121
CWE-787
Status
published
Products (1)
rockwellautomation/rslinx
< 4.10.00
Published
Apr 04, 2019
Tracked Since
Feb 18, 2026