CVE-2023-7242


Industrial Control Systems Network Protocol Parsers (ICSNPP) - Ethercat 
Zeek Plugin versions d78dda6 and prior are vulnerable to out-of-bounds 
read during the process of analyzing a specific Ethercat packet. This 
could allow an attacker to crash the Zeek process and leak some 
information in memory.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
8.2 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
icscertCNA
8.2 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
CISA-ADPADP
---
---
CVEADP
---
---
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 38%
Common Weakness Enumeration
References
https://www.cisa.gov/news-events/ics-advisories/icsa-24-051-02
https://www.cisa.gov/news-events/ics-advisories/icsa-24-051-02