Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.TENABLE_OT_ROCKWELL_CVE-2012-4690.NASL
HistoryFeb 07, 2022 - 12:00 a.m.

Rockwell MicroLogix Denial Of Service (CVE-2012-4690)

2022-02-0700:00:00
This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
11

7.1 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

6.9 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

68.8%

JSON

Rockwell Automation Allen-Bradley MicroLogix controller 1100, 1200, 1400, and 1500; SLC 500 controller platform; and PLC-5 controller platform, when Static status is not enabled, allow remote attackers to cause a denial of service via messages that trigger modification of status bits.

This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information.

#%NASL_MIN_LEVEL 70300
##
# (C) Tenable Network Security, Inc.
##

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(500257);
  script_version("1.6");
  script_set_attribute(attribute:"plugin_modification_date", value:"2023/12/14");

  script_cve_id("CVE-2012-4690");

  script_name(english:"Rockwell MicroLogix Denial Of Service (CVE-2012-4690)");

  script_set_attribute(attribute:"synopsis", value:
"The remote OT asset is affected by a vulnerability.");
  script_set_attribute(attribute:"description", value:
"Rockwell Automation Allen-Bradley MicroLogix controller 1100, 1200, 1400, and 1500; SLC 500 controller platform; and
PLC-5 controller platform, when Static status is not enabled, allow remote attackers to cause a denial of service via
messages that trigger modification of status bits.  

This plugin only works with Tenable.ot. Please visit
https://www.tenable.com/products/tenable-ot for more information.");
  script_set_attribute(attribute:"see_also", value:"https://rockwellautomation.custhelp.com/app/answers/detail/a_id/511407");
  script_set_attribute(attribute:"see_also", value:"http://www.us-cert.gov/control_systems/pdf/ICSA-12-342-01.pdf");
  script_set_attribute(attribute:"see_also", value:"http://ics-cert.us-cert.gov/advisories/ICSA-12-342-01A");
  script_set_attribute(attribute:"solution", value:
"Refer to the vendor advisory.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2012-4690");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  script_cwe_id(16);

  script_set_attribute(attribute:"vuln_publication_date", value:"2012/12/08");
  script_set_attribute(attribute:"patch_publication_date", value:"2012/12/08");
  script_set_attribute(attribute:"plugin_publication_date", value:"2022/02/07");

  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"cpe", value:"cpe:/h:rockwellautomation:ab_micrologix_controller:1200");
  script_set_attribute(attribute:"cpe", value:"cpe:/h:rockwellautomation:ab_micrologix_controller:1500");
  script_set_attribute(attribute:"cpe", value:"cpe:/h:rockwellautomation:plc-5_controller:-");
  script_set_attribute(attribute:"cpe", value:"cpe:/h:rockwellautomation:slc_500_controller:-");
  script_set_attribute(attribute:"cpe", value:"cpe:/h:rockwellautomation:ab_micrologix_controller:1400");
  script_set_attribute(attribute:"cpe", value:"cpe:/h:rockwellautomation:ab_micrologix_controller:1100");
  script_set_attribute(attribute:"generated_plugin", value:"former");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Tenable.ot");

  script_copyright(english:"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("tenable_ot_api_integration.nasl");
  script_require_keys("Tenable.ot/Rockwell");

  exit(0);
}


include('tenable_ot_cve_funcs.inc');

get_kb_item_or_exit('Tenable.ot/Rockwell');

var asset = tenable_ot::assets::get(vendor:'Rockwell');

var vuln_cpes = {
    "cpe:/h:rockwellautomation:ab_micrologix_controller:1200" :
        {"family" : "MicroLogix1200"},
    "cpe:/h:rockwellautomation:ab_micrologix_controller:1500" :
        {"family" : "MicroLogix1500"},
    "cpe:/h:rockwellautomation:plc-5_controller:-" :
        {"family" : "PLC5"},
    "cpe:/h:rockwellautomation:slc_500_controller:-" :
        {"family" : "SLC5"},
    "cpe:/h:rockwellautomation:ab_micrologix_controller:1400" :
        {"family" : "MicroLogix1400"},
    "cpe:/h:rockwellautomation:ab_micrologix_controller:1100" :
        {"family" : "MicroLogix1100"}
};

tenable_ot::cve::compare_and_report(asset:asset, cpes:vuln_cpes, severity:SECURITY_HOLE);
VendorProductVersionCPE
rockwellautomationab_micrologix_controller1200cpe:/h:rockwellautomation:ab_micrologix_controller:1200
rockwellautomationab_micrologix_controller1500cpe:/h:rockwellautomation:ab_micrologix_controller:1500
rockwellautomationplc-5_controller-cpe:/h:rockwellautomation:plc-5_controller:-
rockwellautomationslc_500_controller-cpe:/h:rockwellautomation:slc_500_controller:-
rockwellautomationab_micrologix_controller1400cpe:/h:rockwellautomation:ab_micrologix_controller:1400
rockwellautomationab_micrologix_controller1100cpe:/h:rockwellautomation:ab_micrologix_controller:1100

Related

nvd 1
cve 1
prion 1
cvelist 1
nessus 2
ics 1
nvd
nvd
CVE-2012-4690
2012-12-08 15:55:01
cve
cve
CVE-2012-4690
2012-12-08 15:55:01
prion
prion
Code injection
2012-12-08 15:55:00
cvelist
cvelist
CVE-2012-4690
2012-12-08 15:00:00
nessus
nessus
Rockwellautomation Ab Unspecified Vulnerability
2019-11-08 00:00:00
Allen-Bradley MicroLogix 1400 Multiple Vulnerabilities
2016-05-27 00:00:00
ics
ics
Rockwell Allen-Bradley MicroLogix, SLC 500, and PLC-5 Fault Generation Vulnerability (Update B)
2018-09-06 12:00:00

7.1 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

6.9 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

68.8%

JSON
Related for TENABLE_OT_ROCKWELL_CVE-2012-4690.NASL
nvd1cve1prion1cvelist1nessus2ics1