CVE-2023-38744
CVSS 3.1 Score 7.5 of 10 (high)
Details
Summary
CVE-2023-38744 is a denial-of-service (DoS) vulnerability that affects the CJ Series CJ2 CPU unit and the CS/CJ Series EtherNet/IP unit. This vulnerability occurs due to improper validation of a specified type of input issue in the built-in EtherNet/IP port. If an affected product receives a specially crafted packet from a remote unauthenticated attacker, it may lead to a DoS condition. The affected products include CJ2M CPU Unit CJ2M-CPU3[] Unit version 2.18 and earlier, CJ2H CPU Unit CJ2H-CPU6[]-EIP Unit version 3.04 and earlier, CS1W-EIP21 V3.04 and earlier, and CJ1W-EIP21 V3.04 and earlier versions of CS/CJ Series EtherNet/IP Units. The vulnerability has a base severity rating of HIGH according to [email protected], with an exploitability score of 3.9 and an impact score of 3.6. It poses a potential danger to organizations as it could result in a denial-of-service condition for the affected products if exploited by an attacker over the network.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Advisories, Assessments, and Mitigations
Prioritize, Pinpoint, and Act to Prevent Vulnerability Exploits with Recorded Future
- Gain complete coverage of your cyber, third party, and physical attack surface
- Proactively mitigate threats before they turn into costly attacks
- Make fast, effective, data-driven decisions