A vulnerability in Rockwell Automation Electronic Data Sheet (EDS) Hardware Installation Tool has been identified. This tool is bundled with RSLinx Classic for normal distribution. The install tool exhibits a buffer overflow vulnerability when parsing improperly formatted EDS files. This vulnerability is likely exploitable and could allow remote code execution, though that would require significant user interaction.
- EDS Hardware Installation Tool Version 220.127.116.11 and all earlier versions.
An attacker could exploit this buffer overflow to execute arbitrary code. A failed exploitation attempt may also result in denial-of-service conditions.
Digital Bond has not released a Quickdraw IDS Signature for this vulnerability at this time.
Rockwell Automation recommends concerned customers take the following immediate steps to mitigate risk associated with this vulnerability.
1. Restrict physical access to the computer.
2. Establish policies and procedures such that only authorized individuals have administrative rights on the computer.
3. Obtain product EDS files only from trusted sources (e.g., the product vendor).
4. Download and apply the Rockwell Automation issued Patch Aid 276774, available from the Rockwell Automation Support Center (requires an account logon for access): http://rockwellautomation.custhelp.com/app/answers/detail/a_id/276774.
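The bug class described above, an EDS entry copied into a fixed-size field without a length check, is the kind of input a defensive pre-check can refuse before the file ever reaches the installation tool. The following is an added C example, not Rockwell's code: it assumes a simplified EDS grammar (`$` comments, `[Section]` headers, `Key = value;` entries) and an assumed 64-byte field size, and rejects a file whose values would not fit.

```c
#include <string.h>

/* Assumed simplified EDS grammar for this illustration (not Rockwell's parser):
   "$" starts a comment, "[Name]" opens a section, an entry is "Key = value;".
   Values are copied into fixed 64-byte fields, so a longer value is exactly the
   input an unchecked copy would overflow on. */
#define EDS_VALUE_MAX 64
enum eds_status { EDS_OK = 0, EDS_MALFORMED = -1, EDS_TOO_LONG = -2 };

/* Copy the value of one "Key = value;" line into out[outsz]; a value that does
   not fit is rejected rather than truncated or written past the buffer. */
int eds_parse_entry(const char *line, char *out, size_t outsz)
{
    const char *eq = strchr(line, '='), *end = strrchr(line, ';');
    if (!eq || !end || end < eq) return EDS_MALFORMED;
    const char *val = eq + 1;
    while (*val == ' ' || *val == '\t') val++;     /* skip leading blanks */
    size_t len = (size_t)(end - val);
    if (len >= outsz) return EDS_TOO_LONG;         /* keep room for the NUL */
    memcpy(out, val, len);
    out[len] = '\0';
    return EDS_OK;
}

/* Walk an EDS text line by line before handing it to an installer: returns the
   number of entries accepted, or the first negative eds_status found. */
int eds_validate(const char *text)
{
    int entries = 0;
    char line[512], value[EDS_VALUE_MAX];
    while (*text) {
        const char *nl = strchr(text, '\n');
        size_t n = nl ? (size_t)(nl - text) : strlen(text);
        if (n >= sizeof line) return EDS_TOO_LONG; /* line cannot be buffered */
        memcpy(line, text, n);
        line[n] = '\0';
        text += nl ? n + 1 : n;
        if (line[0] == '\0' || line[0] == '$' || line[0] == '[')
            continue;                              /* blank, comment, section */
        int rc = eds_parse_entry(line, value, sizeof value);
        if (rc != EDS_OK) return rc;
        entries++;
    }
    return entries;
}
/* Constructed samples: a well-formed file and one carrying an oversized value. */
static const char EDS_GOOD[] =
    "$ constructed sample\n[File]\nDescText = \"Sample device\";\nCreateDate = 01-01-2000;\n";
static const char EDS_OVERSIZED[] = "[File]\nDescText = \""
    "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\";\n";
```

A real EDS file has a richer grammar than this check models, so a file that passes here is well-sized, not necessarily valid; a file that fails here should not be installed.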