CVE-2023-7244

Industrial Control Systems Network Protocol Parsers (ICSNPP) - Ethercat 
Zeek Plugin versions d78dda6 and prior are vulnerable to out-of-bounds 
write in their primary analyses function for Ethercat communication 
packets. This could allow an attacker to cause arbitrary code execution.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
icscertCNA
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVEADP
---
---
CISA-ADPADP
---
---
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 37%
Common Weakness Enumeration
References
https://www.cisa.gov/news-events/ics-advisories/icsa-24-051-02
https://www.cisa.gov/news-events/ics-advisories/icsa-24-051-02