Lucene search

PRIOn knowledge basePRION:CVE-2012-6438

HistoryJan 24, 2013 - 9:55 p.m.

Buffer overflow

2013-01-2421:55:00

PRIOn knowledge base

www.prio-n.com

7.3 High

AI Score

Confidence

High

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.027 Low

EPSS

Percentile

90.5%

JSON

Buffer overflow in Rockwell Automation EtherNet/IP products; 1756-ENBT, 1756-EWEB, 1768-ENBT, and 1768-EWEB communication modules; CompactLogix L32E and L35E controllers; 1788-ENBT FLEXLogix adapter; 1794-AENTR FLEX I/O EtherNet/IP adapter; ControlLogix 18 and earlier; CompactLogix 18 and earlier; GuardLogix 18 and earlier; SoftLogix 18 and earlier; CompactLogix controllers 19 and earlier; SoftLogix controllers 19 and earlier; ControlLogix controllers 20 and earlier; GuardLogix controllers 20 and earlier; and MicroLogix 1100 and 1400 allows remote attackers to cause a denial of service (NIC crash and communication outage) via a malformed CIP packet.

CPENameOperatorVersion
compactlogixle18
compactlogix_controllersle19
controllogixle18
controllogix_controllersle20
guardlogixle18
guardlogix_controllersle20
micrologixle1400
micrologixle1100
softlogixle18
softlogix_controllersle19

Name	Operator	Version
compactlogix	le	18
compactlogix_controllers	le	19
controllogix	le	18
controllogix_controllers	le	20
guardlogix	le	18
guardlogix_controllers	le	20
micrologix	le	1400
micrologix	le	1100
softlogix	le	18
softlogix_controllers	le	19

References

www.us-cert.gov/control_systems/pdf/ICSA-13-011-03.pdf

7.3 High

AI Score

Confidence

High

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.027 Low

EPSS

Percentile

90.5%

JSON

Related for PRION:CVE-2012-6438