Vulnerability Details CVE-2019-6553
A vulnerability was found in Rockwell Automation RSLinx Classic versions 4.10.00 and prior. An input validation issue in a .dll file of RSLinx Classic where the data in a Forward Open service request is passed to a fixed size buffer, allowing an attacker to exploit a stack-based buffer overflow condition.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.053
EPSS Ranking 89.6%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
Products affected by CVE-2019-6553
-
cpe:2.3:a:rockwellautomation:rslinx:2.10.18
-
cpe:2.3:a:rockwellautomation:rslinx:2.20.02
-
cpe:2.3:a:rockwellautomation:rslinx:2.43.01
-
cpe:2.3:a:rockwellautomation:rslinx:2.50.00
-
cpe:2.3:a:rockwellautomation:rslinx:2.51.00
-
cpe:2.3:a:rockwellautomation:rslinx:2.52.00
-
cpe:2.3:a:rockwellautomation:rslinx:2.53.00
-
cpe:2.3:a:rockwellautomation:rslinx:2.54.00
-
cpe:2.3:a:rockwellautomation:rslinx:2.55.00
-
cpe:2.3:a:rockwellautomation:rslinx:2.56.00
-
cpe:2.3:a:rockwellautomation:rslinx:2.57.00
-
cpe:2.3:a:rockwellautomation:rslinx:2.57.00.14
-
cpe:2.3:a:rockwellautomation:rslinx:2.58.00
-
cpe:2.3:a:rockwellautomation:rslinx:2.59.02
-
cpe:2.3:a:rockwellautomation:rslinx:3.51.01
-
cpe:2.3:a:rockwellautomation:rslinx:3.60.00
-
cpe:2.3:a:rockwellautomation:rslinx:3.61.00
-
cpe:2.3:a:rockwellautomation:rslinx:3.70.00
-
cpe:2.3:a:rockwellautomation:rslinx:3.71.00
-
cpe:2.3:a:rockwellautomation:rslinx:3.73.00
-
cpe:2.3:a:rockwellautomation:rslinx:3.74.00
-
cpe:2.3:a:rockwellautomation:rslinx:3.80.00
-
cpe:2.3:a:rockwellautomation:rslinx:3.81.00
-
cpe:2.3:a:rockwellautomation:rslinx:3.90.00
-
cpe:2.3:a:rockwellautomation:rslinx:3.90.01
-
cpe:2.3:a:rockwellautomation:rslinx:4.00.01
-
cpe:2.3:a:rockwellautomation:rslinx:4.10.00