Rockwell Automation RSLinx Classic EDS Hardware Installation Tool contains a buffer overflow vulnerability.
According to Rockwell Automation's website: RSLinx Classic provides plant-floor device connectivity for a wide variety of Rockwell Software applications such as RSLogix™ 5/500/5000 and RSView32. The EDS Hardware Installation Tool (RSHWare.exe) that comes bundled with RSLinx Classic contains a buffer overflow vulnerability while parsing improperly formatted EDS files.
An attacker could exploit the vulnerability by tricking a user into opening a crafted .eds file, causing EDS Hardware Installation Tool to crash leading to possible execution of arbitrary code.
Apply an Update
According to Rockwell Automation's security advisory:
This vulnerability is present in version 126.96.36.199 and earlier versions of the EDS Hardware Installation Tool (RSHWare.exe).
Rockwell Automation Affected
Notified: April 25, 2011 Updated: June 01, 2011
Rockwell Automation has issued a software patch for the EDS Hardware Installation Tool that addresses this buffer overflow vulnerability. When applied, the patch replaces the RSEds.dll file with the modified version. Future releases of RSLinx Classic, starting with version 2.58 will include this modified version of the required files.
We are not aware of further vendor information regarding this vulnerability.
This vulnerability was found by Rockwell Automation's internal team and additionally by Michael Orlando working for CERT/CC.
This document was written by Michael Orlando.
|Date First Published:||2011-06-02|
|Date Last Updated:||2011-08-18 14:25 UTC|