First published: Thu Jan 24 2013(Updated: )
Rockwell Automation EtherNet/IP products; 1756-ENBT, 1756-EWEB, 1768-ENBT, and 1768-EWEB communication modules; CompactLogix L32E and L35E controllers; 1788-ENBT FLEXLogix adapter; 1794-AENTR FLEX I/O EtherNet/IP adapter; ControlLogix 18 and earlier; CompactLogix 18 and earlier; GuardLogix 18 and earlier; SoftLogix 18 and earlier; CompactLogix controllers 19 and earlier; SoftLogix controllers 19 and earlier; ControlLogix controllers 20 and earlier; GuardLogix controllers 20 and earlier; and MicroLogix 1100 and 1400 allow remote attackers to obtain sensitive information via a crafted CIP packet.
Credit: ics-cert@hq.dhs.gov
Affected Software | Affected Version | How to fix |
---|---|---|
Rockwellautomation Controllogix Controllers | <=20 | |
Rockwellautomation Guardlogix Controllers | <=20 | |
Rockwellautomation Micrologix | <=1100 | |
Rockwellautomation Micrologix | <=1400 | |
Rockwellautomation Softlogix Controllers | <=19 | |
Rockwellautomation 1756-enbt | ||
Rockwellautomation 1756-eweb | ||
Rockwellautomation 1768-enbt | ||
Rockwellautomation 1768-eweb | ||
Rockwellautomation 1794-aentr Flex I\/o Ethernet\/ip Adapter | ||
Rockwellautomation Compactlogix | <=18 | |
Rockwellautomation Compactlogix Controllers | <=19 | |
Rockwellautomation Compactlogix L32e Controller | ||
Rockwellautomation Compactlogix L35e Controller | ||
Rockwellautomation Controllogix | <=18 | |
Rockwellautomation Flexlogix 1788-enbt Adapter | ||
Rockwellautomation Guardlogix | <=18 | |
Rockwellautomation Softlogix | <=18 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.