CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-0027

Rockwell Automation Modbus TCP Server AOI prior to 2.04.00 is vulnerable to an unauthorized user sending a malformed message that could cause the controller to respond with a copy of the most recent response to the last valid request. If exploited, an unauthorized user could read the connected device’s Modbus TCP Server AOI information.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 9.7%

CVSS Severity

CVSS v3 Score 5.3

References

https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1138766
https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1138766

Products affected by CVE-2023-0027

Rockwellautomation » Modbus Tcp Server Add On Instructions » Version: 2.00.00

cpe:2.3:a:rockwellautomation:modbus_tcp_server_add_on_instructions:2.00.00
Rockwellautomation » Modbus Tcp Server Add On Instructions » Version: 2.00.03

cpe:2.3:a:rockwellautomation:modbus_tcp_server_add_on_instructions:2.00.03

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-0027

Products

Pricing

Contact Us