An attacker could send crafted SMTP packets to cause a denial-of-service condition where the controller enters a major non-recoverable faulted state (MNRF) in CompactLogix 5370 L1, L2, and L3 Controllers, Compact GuardLogix 5370 controllers, and Armor Compact GuardLogix 5370 Controllers Versions 20 to 30.014 and earlier.

An attacker could send crafted SMTP packets to cause a denial-of-service condition where the controller enters a major non-recoverable faulted state (MNRF) in CompactLogix 5370 L1, L2, and L3 Controllers, Compact GuardLogix 5370 controllers, and Armor Compact GuardLogix 5370 Controllers Versions 20 - 30 and earlier.

https://rockwellautomation.custhelp.com/app/answers/detail/a_id/1075979 [No Types Assigned]

NIST AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

NIST AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

NIST CWE-787

NIST CWE-119

http://www.securityfocus.com/bid/108118 Third Party Advisory

http://www.securityfocus.com/bid/108118 Broken Link

ICS-CERT CWE-121

AND
     OR
          *cpe:2.3:o:rockwellautomation:armor_compact_guardlogix_5370_firmware:*:*:*:*:*:*:*:* versions from (including) 20.011 up to (including) 30.014
     OR
          cpe:2.3:h:rockwellautomation:armor_compact_guardlogix_5370:-:*:*:*:*:*:*:*

AND
     OR
          *cpe:2.3:o:rockwellautomation:compact_guardlogix_5370_firmware:*:*:*:*:*:*:*:* versions from (including) 20.011 up to (including) 30.014
     OR
          cpe:2.3:h:rockwellautomation:compact_guardlogix_5370:-:*:*:*:*:*:*:*

AND
     OR
          *cpe:2.3:o:rockwellautomation:compactlogix_5370_l1_firmware:*:*:*:*:*:*:*:* versions from (including) 20.011 up to (including) 30.014
     OR
          cpe:2.3:h:rockwellautomation:compactlogix_5370_l1:-:*:*:*:*:*:*:*

AND
     OR
          *cpe:2.3:o:rockwellautomation:compactlogix_5370_l2_firmware:*:*:*:*:*:*:*:* versions from (including) 20.011 up to (including) 30.014
     OR
          cpe:2.3:h:rockwellautomation:compactlogix_5370_l2:-:*:*:*:*:*:*:*

AND
     OR
          *cpe:2.3:o:rockwellautomation:compactlogix_5370_l3_firmware:*:*:*:*:*:*:*:* versions from (including) 20.011 up to (including) 30.014
     OR
          cpe:2.3:h:rockwellautomation:compactlogix_5370_l3:-:*:*:*:*:*:*:*

(AV:N/AC:L/Au:N/C:N/I:N/A:C)

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-119

http://www.securityfocus.com/bid/108118 No Types Assigned

http://www.securityfocus.com/bid/108118 Third Party Advisory

https://ics-cert.us-cert.gov/advisories/ICSA-19-120-01 No Types Assigned

https://ics-cert.us-cert.gov/advisories/ICSA-19-120-01 Third Party Advisory, US Government Resource

http://www.securityfocus.com/bid/108118 [No Types Assigned]