CVE-2012-6436 in ControlLogix controllersinfo

Summary

Buffer overflow in Rockwell Automation EtherNet/IP products; 1756-ENBT, 1756-EWEB, 1768-ENBT, and 1768-EWEB communication modules; CompactLogix L32E and L35E controllers; 1788-ENBT FLEXLogix adapter; 1794-AENTR FLEX I/O EtherNet/IP adapter; ControlLogix 18 and earlier; CompactLogix 18 and earlier; GuardLogix 18 and earlier; SoftLogix 18 and earlier; CompactLogix controllers 19 and earlier; SoftLogix controllers 19 and earlier; ControlLogix controllers 20 and earlier; GuardLogix controllers 20 and earlier; and MicroLogix 1100 and 1400 allows remote attackers to cause a denial of service (CPU crash and communication outage) via a malformed CIP packet.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Reservation

12/26/2012

Disclosure

01/24/2013

Moderation

VulDB entry created

Entries

CPE

ready

CWE

CWE-119

CVSS

7.5

EPSS

0.13390

CTI

0.00

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2012-6436
NVD	https://nvd.nist.gov/vuln/detail/CVE-2012-6436
CVE Details	https://www.cvedetails.com/cve/CVE-2012-6436/

◂ Previous Overview Next ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!