{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-03T10:16:41.642","vulnerabilities":[{"cve":{"id":"CVE-2018-14829","sourceIdentifier":"ics-cert@hq.dhs.gov","published":"2018-09-20T19:29:00.690","lastModified":"2024-11-21T03:49:53.123","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Rockwell Automation RSLinx Classic Versions 4.00.01 and prior. This vulnerability may allow a remote threat actor to intentionally send a malformed CIP packet to Port 44818, causing the software application to stop responding and crash. This vulnerability also has the potential to exploit a buffer overflow condition, which may allow the threat actor to remotely execute arbitrary code."},{"lang":"es","value":"Rockwell Automation RSLinx Classic en versiones 4.00.01 y anteriores. Esta vulnerabilidad podría permitir que un actor de amenaza remoto envíe de forma intencional un paquete CIP mal formado al puerto 44818, lo que provoca que la aplicación deje de responder y se cierre inesperadamente. La vulnerabilidad también tiene potencial para explotar una condición de desbordamiento de búfer, lo que podría permitir que el actor de amenaza ejecutar código arbitrario de forma remota."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"ics-cert@hq.dhs.gov","type":"Secondary","description":[{"lang":"en","value":"CWE-121"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-119"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:rockwellautomation:rslinx:*:*:*:*:classic:*:*:*","versionEndIncluding":"4.00.01","matchCriteriaId":"8A2F3687-1906-476D-9947-B4A02AAA1E24"}]}]}],"references":[{"url":"https://ics-cert.us-cert.gov/advisories/ICSA-18-263-02","source":"ics-cert@hq.dhs.gov","tags":["Third Party Advisory","US Government Resource"]},{"url":"https://www.tenable.com/security/research/tra-2018-26","source":"ics-cert@hq.dhs.gov","tags":["Exploit","Third Party Advisory"]},{"url":"https://ics-cert.us-cert.gov/advisories/ICSA-18-263-02","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","US Government Resource"]},{"url":"https://www.tenable.com/security/research/tra-2018-26","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}}]}