
Stack Overflow in Rockwell RSLinx Classic Opens the Door to Remote Code Execution

CVE-2020-13573 scores 8.7 under CVSS 4.0 and affects critical infrastructure sectors including manufacturing, energy, food and agriculture, and water and wastewater.

rockwell automation, rslinx classic, cve 2020 13573, cisa, industrial control systems, stack buffer overflow

CVE-2020-13573 is a stack-based buffer overflow in Rockwell Automation's RSLinx Classic that lets an unauthenticated attacker perform remote arbitrary code execution, with a CVSS 3.1 base score of 7.5 and a CVSS 4.0 base score of 8.7. The vulnerability lives in a third-party component Rockwell bundled, not in their own code, which is exactly the kind of supply chain risk that keeps ICS operators up at night.

Stack Overflow in Third-Party Component Enables Full Remote Compromise

RSLinx Classic is a widely deployed industrial communication gateway used to connect programmable logic controllers to engineering workstations. The overflow occurs when processing a specially crafted packet, giving an attacker full control over the affected host. CISA's advisory confirms the bug impacts critical manufacturing, energy, food and agriculture, and water and wastewater sectors worldwide.

Rockwell lists all versions prior to 4.60.00 as known_affected. There is no mention of exploitation in the wild yet, but the attack surface is wide open: the service listens on network ports and requires no authentication.

Out-of-Bounds Read Puts Reliability at Risk

A separate out-of-bounds read (CWE-125) in the same product results in a denial of service that leaves the application unresponsive and unable to recover on its own. While less severe than RCE, a DoS in a control system can halt production or disable safety functions. The advisory does not assign a separate CVSS score to this issue, but the underlying CVE (also CVE-2020-13573) covers both the buffer overflow and the read flaw.

Patch to 4.60.00 or Apply BF31213

Rockwell recommends upgrading to version 4.60.00 or later. If an upgrade is not immediately feasible, apply the vendor patch BF31213 for the current version. CISA reiterates standard ICS hardening: isolate control networks from the internet, use firewalls and VPNs, and follow defense-in-depth practices documented in their ICS-TIP-12-146-01B guidance.
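The upgrade-or-patch guidance above can be turned into an inventory triage. This is an added example, not code from Rockwell or CISA. The CSV columns, hostnames, semicolon-separated patch field and dotted version format are assumptions, and the sample rows are constructed.

```python
import csv
import io

FIXED = (4, 60, 0)          # first fixed release named in the advisory: 4.60.00
VENDOR_PATCH = "BF31213"    # interim vendor patch named in the advisory

# Constructed inventory export; hosts, columns and versions are illustrative.
SAMPLE_INVENTORY = """host,product,version,patches
ews-01,RSLinx Classic,4.60.00,
ews-02,RSLinx Classic,4.11.00,
ews-03,RSLinx Classic,4.9.00,BF31213
hmi-07,RSLinx Classic,unknown,
hist-02,Other Product,1.0.0,
"""

def parse_version(text):
    """Return a tuple of ints for a dotted version, or None if unparseable."""
    parts = text.strip().split(".")
    if not all(p.isdecimal() for p in parts):
        return None
    nums = tuple(int(p) for p in parts)
    return nums + (0,) * (3 - len(nums))  # pad "4.60" to (4, 60, 0)

def classify(row):
    """Map one inventory row to a triage status for CVE-2020-13573."""
    if row["product"].strip().lower() != "rslinx classic":
        return "not-applicable"
    version = parse_version(row["version"])
    if version is None:
        return "unknown-version"  # needs a manual check; never assume fixed
    if version >= FIXED:          # numeric compare, so 4.9.00 < 4.60.00
        return "fixed"
    recorded = (row["patches"] or "").split(";")
    patches = {p.strip().upper() for p in recorded if p.strip()}
    return "interim-patch" if VENDOR_PATCH in patches else "affected"

def triage(csv_text):
    """Return {host: status} for every row in the inventory."""
    reader = csv.DictReader(io.StringIO(csv_text))
    return {row["host"]: classify(row) for row in reader}

if __name__ == "__main__":
    for host, status in triage(SAMPLE_INVENTORY).items():
        print(f"{host:10} {status}")
```

Versions are compared as integer tuples because a plain string comparison would rank "4.9.00" above "4.60.00" and wrongly report that host as fixed.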

For operators running RSLinx Classic, this advisory should be treated as a high-priority patch. The combination of remote code execution, no required authentication, and critical infrastructure deployment makes CVE-2020-13573 a ticking clock for anyone who delays the upgrade.


Source: Rockwell Automation RSLinx
Domain: cisa.gov
