CVE-2017-9628

An Information Exposure issue was discovered in Saia Burgess Controls PCD Controllers with PCD firmware versions prior to 1.28.16 or 1.24.69. In certain circumstances, the device pads Ethernet frames with memory contents.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.3 MEDIUM
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
icscertCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 44%
VendorProductVersion
saia_burgess_controlspcd_controllers_firmware
𝑥
≤ 1.24.67
saia_burgess_controlspcd_controllers_firmware
𝑥
≤ 1.28.11
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.securityfocus.com/bid/100949
https://ics-cert.us-cert.gov/advisories/ICSA-17-234-05
http://www.securityfocus.com/bid/100949
https://ics-cert.us-cert.gov/advisories/ICSA-17-234-05