CVE-2012-6442: Buffer Overflow
First published: Thu Jan 24 2013(Updated: )
Rockwell Automation EtherNet/IP products; 1756-ENBT, 1756-EWEB, 1768-ENBT, and 1768-EWEB communication modules; CompactLogix L32E and L35E controllers; 1788-ENBT FLEXLogix adapter; 1794-AENTR FLEX I/O EtherNet/IP adapter; ControlLogix 18 and earlier; CompactLogix 18 and earlier; GuardLogix 18 and earlier; SoftLogix 18 and earlier; CompactLogix controllers 19 and earlier; SoftLogix controllers 19 and earlier; ControlLogix controllers 20 and earlier; GuardLogix controllers 20 and earlier; and MicroLogix 1100 and 1400 allow remote attackers to cause a denial of service (control and communication outage) via a CIP message that specifies a reset.
Credit: ics-cert@hq.dhs.gov
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Rockwellautomation Ethernet\/ip Firmware | ||
| Rockwellautomation 1756-enbt | ||
| Rockwellautomation 1756-eweb | ||
| Rockwellautomation 1768-enbt | ||
| Rockwellautomation 1768-eweb | ||
| Rockwellautomation Compactlogix Firmware | ||
| Rockwellautomation L32e | ||
| Rockwellautomation L35e | ||
| Rockwellautomation Flexlogix Firmware | ||
| Rockwellautomation 1788-enbt | ||
| Rockwellautomation Flex I\/o Ethernet\/ip Firmware | ||
| Rockwellautomation 1794-aentr | ||
| Rockwellautomation Micrologix Firmware | ||
| Rockwellautomation 1100 | ||
| Rockwellautomation 1400 | ||
| Rockwellautomation Compactlogix Controllers Firmware | =19 | |
| Rockwellautomation Compactlogix Firmware | =18 | |
| Rockwellautomation Controllogix Controllers Firmware | =20 | |
| Rockwellautomation Controllogix Firmware | =18 | |
| Rockwellautomation Guardlogix Controllers Firmware | =20 | |
| Rockwellautomation Guardlogix Firmware | =18 | |
| Rockwellautomation Softlogix Controllers Firmware | =19 | |
| Rockwellautomation Softlogix Firmware | =18 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-index
- agent/references
- agent/severity
- agent/weakness
- agent/author
- agent/type
- agent/description
- agent/event
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/rockwellautomation
- canonical/rockwellautomation ethernet\/ip firmware
- canonical/rockwellautomation 1756-enbt
- canonical/rockwellautomation 1756-eweb
- canonical/rockwellautomation 1768-enbt
- canonical/rockwellautomation 1768-eweb
- canonical/rockwellautomation compactlogix firmware
- canonical/rockwellautomation l32e
- canonical/rockwellautomation l35e
- canonical/rockwellautomation flexlogix firmware
- canonical/rockwellautomation 1788-enbt
- canonical/rockwellautomation flex i\/o ethernet\/ip firmware
- canonical/rockwellautomation 1794-aentr
- canonical/rockwellautomation micrologix firmware
- canonical/rockwellautomation 1100
- canonical/rockwellautomation 1400
- canonical/rockwellautomation compactlogix controllers firmware
- version/rockwellautomation compactlogix controllers firmware/19
- version/rockwellautomation compactlogix firmware/18
- canonical/rockwellautomation controllogix controllers firmware
- version/rockwellautomation controllogix controllers firmware/20
- canonical/rockwellautomation controllogix firmware
- version/rockwellautomation controllogix firmware/18
- canonical/rockwellautomation guardlogix controllers firmware
- version/rockwellautomation guardlogix controllers firmware/20
- canonical/rockwellautomation guardlogix firmware
- version/rockwellautomation guardlogix firmware/18
- canonical/rockwellautomation softlogix controllers firmware
- version/rockwellautomation softlogix controllers firmware/19
- canonical/rockwellautomation softlogix firmware
- version/rockwellautomation softlogix firmware/18