Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2012-6438
HistoryJan 24, 2013 - 9:55 p.m.

CVE-2012-6438

2013-01-2421:55:01
CWE-119
[email protected]
web.nvd.nist.gov

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

6.7 Medium

AI Score

Confidence

High

0.027 Low

EPSS

Percentile

90.5%

JSON

Buffer overflow in Rockwell Automation EtherNet/IP products; 1756-ENBT, 1756-EWEB, 1768-ENBT, and 1768-EWEB communication modules; CompactLogix L32E and L35E controllers; 1788-ENBT FLEXLogix adapter; 1794-AENTR FLEX I/O EtherNet/IP adapter; ControlLogix 18 and earlier; CompactLogix 18 and earlier; GuardLogix 18 and earlier; SoftLogix 18 and earlier; CompactLogix controllers 19 and earlier; SoftLogix controllers 19 and earlier; ControlLogix controllers 20 and earlier; GuardLogix controllers 20 and earlier; and MicroLogix 1100 and 1400 allows remote attackers to cause a denial of service (NIC crash and communication outage) via a malformed CIP packet.

Affected configurations

NVD
Node
rockwellautomationcontrollogix_controllersRange20
OR
rockwellautomationguardlogix_controllersRange20
OR
rockwellautomationmicrologixRange1100
OR
rockwellautomationmicrologixRange1400
OR
rockwellautomationsoftlogix_controllersRange19
OR
rockwellautomation1756-enbtMatch-
OR
rockwellautomation1756-ewebMatch-
OR
rockwellautomation1768-enbtMatch-
OR
rockwellautomation1768-ewebMatch-
OR
rockwellautomation1794-aentr_flex_i\/o_ethernet\/ip_adapterMatch-
OR
rockwellautomationcompactlogixRange18
OR
rockwellautomationcompactlogix_controllersRange19
OR
rockwellautomationcompactlogix_l32e_controllerMatch-
OR
rockwellautomationcompactlogix_l35e_controllerMatch-
OR
rockwellautomationcontrollogixRange18
OR
rockwellautomationflexlogix_1788-enbt_adapterMatch-
OR
rockwellautomationguardlogixRange18
OR
rockwellautomationsoftlogixRange18

Related

prion 1
cvelist 1
nessus 4
cve 1
ics 1
prion
prion
Buffer overflow
2013-01-24 21:55:00
cvelist
cvelist
CVE-2012-6438
2022-10-03 16:15:28
nessus
nessus
Rockwellautomation Controllogix Improper Restriction of Operations within the Bounds of a Memory Buffer
2019-11-08 00:00:00
Rockwell ControlLogix controllers Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2012-6438)
2022-02-07 00:00:00
Rockwell Automation MicroLogix 1100 PLC < Series B FRN 13.0 Multiple Vulnerabilities
2015-07-07 00:00:00
cve
cve
CVE-2012-6438
2022-10-03 16:15:28
ics
ics
Rockwell Automation ControlLogix PLC Vulnerabilities
2019-02-13 12:00:00

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

6.7 Medium

AI Score

Confidence

High

0.027 Low

EPSS

Percentile

90.5%

JSON
Related for NVD:CVE-2012-6438
prion1cvelist1nessus4cve1ics1