Rockwell Automation Electronic Data Sheet (EDS) Hardware Installation Tool Buffer Overflow Vulnerability

Vulnerability

A vulnerability in Rockwell Automation Electronic Data Sheet (EDS) Hardware Installation Tool has been identified. This tool is bundled with RSLinx Classic for normal distribution. The install tool exhibits a buffer overflow vulnerability when parsing improperly formatted EDS files. This vulnerability is likely exploitable and could allow remote code execution, though that would require significant user interaction.

Affected Systems

  • EDS Hardware Installation Tool Version 1.3.0.1 and all earlier versions.

Impact

An attacker could exploit the buffer overflow vulnerability to execute arbitrary code. A failed exploitation attempt may also lead to denial-of-service conditions.

Detection

Digital Bond has not released a Quickdraw IDS Signature for this vulnerability at this time.

Remediation

Rockwell Automation recommends concerned customers take the following immediate steps to mitigate risk associated with this vulnerability:

1. Restrict physical access to the computer.
2. Establish policies and procedures such that only authorized individuals have administrative rights on the computer.
3. Obtain product EDS files from trusted sources (e.g., product vendor).
4. Download and apply the Rockwell Automation issued Patch Aid 276774, available from the Rockwell Automation Support Center (requires an account logon for access): http://rockwellautomation.custhelp.com/app/answers/detail/a_id/276774.

External Links

ICSA-11-161-01—ROCKWELL AUTOMATION RSLINX CLASSIC EDS HARDWARE INSTALLATION TOOL BUFFER OVERFLOW