Jared Rittle of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw.

The Rockwell Automation Allen-Bradley Flex I/O input/output device is vulnerable to a denial-of-service vulnerability. FLEX I/O provides a wide range of input/output operations while keeping a smaller form factor. Users can communicate with the device via Ethernet/IP (ENIP) and HTTP. An attacker could send a specially crafted, malicious packet to the affected device, causing a denial of service.

In accordance with our coordinated disclosure policy, Cisco Talos worked with Rockwell Automation to ensure that these issues are resolved and that an update is available for affected customers.

Vulnerability details

Allen-Bradley Flex IO 1794-AENT/B ENIP request path network segment denial-of-service vulnerability (TALOS-2020-1008/CVE-2020-6088)

An exploitable denial of service vulnerability exists in the ENIP Request Path Network Segment functionality of Allen-Bradley Flex IO 1794-AENT/B. A specially crafted network request can cause a loss of communications with the device resulting in denial-of-service. An attacker can send a malicious packet to trigger this vulnerability.

Read the complete vulnerability advisory here for additional information.

Versions tested

Talos tested and confirmed that this vulnerability affects the Allen-Bradley Flex IO 1794-AENT/B 4.003.

Coverage

The following SNORTⓇ rules from an earlier rule release will detect exploitation attempts. Note that additional rules may be released at a future date and current rules are subject to change pending additional vulnerability information. For the most current rule information, please refer to your Firepower Management Center or Snort.org.

Snort Rules: 53126