Rockwell Automation Information for VU#127584

RSLinx Classic EDS Wizard buffer overflow vulnerability

Status

Affected

Vendor Statement

Rockwell Automation has issued a software patch for the EDS Hardware Installation Tool that addresses this buffer overflow vulnerability. When applied, the patch replaces the RSEds.dll file with the modified version. Future releases of RSLinx Classic, starting with version 2.58 will include this modified version of the required files.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

http://rockwellautomation.custhelp.com/app/answers/detail/a_id/276774
http://rockwellautomation.custhelp.com/app/answers/detail/a_id/54102
http://rockwellautomation.custhelp.com/app/answers/detail/a_id/279194

Addendum

There are no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.