CVE-2023-38744

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Aug 3, 2023
Updated: Aug 11, 2023

Summary

CVE-2023-38744 is a Denial-of-Service (DoS) vulnerability affecting the built-in EtherNet/IP port of CJ Series CJ2 CPU units and the communication function of CS/CJ Series EtherNet/IP units. The flaw is due to insufficient input validation. An unauthenticated remote attacker can exploit this vulnerability by sending a specially crafted packet to an affected product, resulting in a DoS condition. Affected products include CJ2M CPU Unit versions 2.18 and earlier, CJ2H CPU Unit versions 3.04 and earlier, CS/CJ Series EtherNet/IP Unit CS1W-EIP21 version 3.04 and earlier, and CS/CJ Series EtherNet/IP Unit CJ1W-EIP21 version 3.04 and earlier.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Prioritize, Pinpoint, and Act to Prevent Vulnerability Exploits with Recorded Future

Note: This is just a basic overview providing quick insights into CVE-2023-38744 information. Gain full access to comprehensive CVE data, third party vulnerabilities, compromised credentials and more with Recorded Future
  • Gain complete coverage of your cyber, third party, and physical attack surface
  • Proactively mitigate threats before they turn into costly attacks
  • Make fast, effective, data-driven decisions