Description
A denial-of-service security issue exists across all the 1756-EN2, EN3, and ENBT communication module due to improper validation of CIP Implicit Connection packets. An attacker on the network can exploit this by sending crafted packets to continuously disrupt device connections, though device connections will recover immediately after.
Problem types
CWE-354 Improper validation of integrity check value
Product status
12.001 and before
6.006
References
www.rockwellautomation.com/...dvisories/advisory.SD1780.html