CVE-2023-38744
CVSS 3.1 Score 7.5 of 10 (high)
Details
Summary
CVE-2023-38744 is a Denial-of-Service (DoS) vulnerability affecting the built-in EtherNet/IP port of CJ Series CJ2 CPU units and the communication function of CS/CJ Series EtherNet/IP units. The flaw is due to insufficient input validation. An unauthenticated remote attacker can exploit this vulnerability by sending a specially crafted packet to an affected product, resulting in a DoS condition. Affected products include CJ2M CPU Unit versions 2.18 and earlier, CJ2H CPU Unit versions 3.04 and earlier, CS/CJ Series EtherNet/IP Unit CS1W-EIP21 version 3.04 and earlier, and CS/CJ Series EtherNet/IP Unit CJ1W-EIP21 version 3.04 and earlier.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Vendors
- Omron Foundation Inc.
Advisories, Assessments, and Mitigations
Prioritize, Pinpoint, and Act to Prevent Vulnerability Exploits with Recorded Future
- Gain complete coverage of your cyber, third party, and physical attack surface
- Proactively mitigate threats before they turn into costly attacks
- Make fast, effective, data-driven decisions