CVE-2023-38744

Summary

CVE-2023-38744 is a denial-of-service (DoS) vulnerability that affects the CJ Series CJ2 CPU unit and the CS/CJ Series EtherNet/IP unit. This vulnerability occurs due to improper validation of a specified type of input issue in the built-in EtherNet/IP port. If an affected product receives a specially crafted packet from a remote unauthenticated attacker, it may lead to a DoS condition. The affected products include CJ2M CPU Unit CJ2M-CPU3[] Unit version 2.18 and earlier, CJ2H CPU Unit CJ2H-CPU6[]-EIP Unit version 3.04 and earlier, CS1W-EIP21 V3.04 and earlier, and CJ1W-EIP21 V3.04 and earlier versions of CS/CJ Series EtherNet/IP Units. The vulnerability has a base severity rating of HIGH according to [email protected], with an exploitability score of 3.9 and an impact score of 3.6. It poses a potential danger to organizations as it could result in a denial-of-service condition for the affected products if exploited by an attacker over the network.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.