Vulnerabilities (CVE)

Filtered by vendor Rockwellautomation Subscribe
Filtered by product Flex I\/o 1794-aent
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-6084 1 Rockwellautomation 1 Flex I\/o 1794-aent 2023-12-10 7.8 HIGH 7.5 HIGH
An exploitable denial of service vulnerability exists in the ENIP Request Path Logical Segment functionality of Allen-Bradley Flex IO 1794-AENT/B 4.003. A specially crafted network request can cause a loss of communications with the device resulting in denial-of-service. An attacker can send a malicious packet to trigger this vulnerability by sending an Electronic Key Segment with less bytes than required by the Key Format Table.
CVE-2020-6085 1 Rockwellautomation 1 Flex I\/o 1794-aent 2023-12-10 7.8 HIGH 7.5 HIGH
An exploitable denial of service vulnerability exists in the ENIP Request Path Logical Segment functionality of Allen-Bradley Flex IO 1794-AENT/B 4.003. A specially crafted network request can cause a loss of communications with the device resulting in denial-of-service. An attacker can send a malicious packet to trigger this vulnerability by sending an Electronic Key Segment with less than 0x18 bytes following the Key Format field.