CVE Vulnerabilities

CVE-2012-6435

Published: Jan 24, 2013 | Modified: Jan 25, 2013
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.8 HIGH
AV:N/AC:L/Au:N/C:N/I:N/A:C
RedHat/V2
RedHat/V3
Ubuntu

Rockwell Automation EtherNet/IP products; 1756-ENBT, 1756-EWEB, 1768-ENBT, and 1768-EWEB communication modules; CompactLogix L32E and L35E controllers; 1788-ENBT FLEXLogix adapter; 1794-AENTR FLEX I/O EtherNet/IP adapter; ControlLogix 18 and earlier; CompactLogix 18 and earlier; GuardLogix 18 and earlier; SoftLogix 18 and earlier; CompactLogix controllers 19 and earlier; SoftLogix controllers 19 and earlier; ControlLogix controllers 20 and earlier; GuardLogix controllers 20 and earlier; and MicroLogix 1100 and 1400 allow remote attackers to cause a denial of service (control and communication outage) via a CIP message that specifies a logic-execution stop and fault.

Affected Software

Name Vendor Start Version End Version
Guardlogix_controllers Rockwellautomation * 20
Compactlogix_controllers Rockwellautomation * 19
1794-aentr_flex_i/o_ethernet/ip_adapter Rockwellautomation - -
Flexlogix_1788-enbt_adapter Rockwellautomation - -
Micrologix Rockwellautomation * 1400
Guardlogix Rockwellautomation * 18
Micrologix Rockwellautomation * 1100
1768-enbt Rockwellautomation - -
1756-enbt Rockwellautomation - -
Compactlogix Rockwellautomation * 18
Controllogix Rockwellautomation * 18
1756-eweb Rockwellautomation - -
1768-eweb Rockwellautomation - -
Compactlogix_l35e_controller Rockwellautomation - -
Compactlogix_l32e_controller Rockwellautomation - -
Softlogix_controllers Rockwellautomation * 19
Controllogix_controllers Rockwellautomation * 20
Softlogix Rockwellautomation * 18

References