CVE-2023-38744

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published: Aug 3, 2023
Updated: Aug 11, 2023

Summary

CVE-2023-38744 is a Denial-of-Service (DoS) vulnerability affecting the built-in EtherNet/IP port of CJ Series CJ2 CPU units and the communication function of CS/CJ Series EtherNet/IP units. The flaw is due to insufficient input validation. An unauthenticated remote attacker can exploit this vulnerability by sending a specially crafted packet to an affected product, resulting in a DoS condition. Affected products include CJ2M CPU Unit versions 2.18 and earlier, CJ2H CPU Unit versions 3.04 and earlier, CS/CJ Series EtherNet/IP Unit CS1W-EIP21 version 3.04 and earlier, and CS/CJ Series EtherNet/IP Unit CJ1W-EIP21 version 3.04 and earlier.
