Authentication Flaw in Rockwell Automation EtherNet/IP Products
CVE-2012-6437
9.8 CRITICAL
Key Information:
- Vendor: Rockwell Automation
- Status
- Vendor
- CVE Published: 24 January 2013
What is CVE-2012-6437?
Rockwell Automation's EtherNet/IP products, including various communication modules and controllers, have an authentication vulnerability: firmware updates are not adequately authenticated. A remote attacker can therefore execute arbitrary code on an affected device by delivering a malicious firmware update. Organizations using these affected products are urged to assess their firmware update processes and implement security measures to mitigate potential attacks.
Affected Version(s)
- 1756-ENBT, 1756-EWEB, 1768-ENBT, 1768-EWEB communication modules: All
- 1788-ENBT FLEXLogix adapter: All
- 1794-AENTR FLEX I/O EtherNet/IP adapter: All
EPSS Score
9% chance of being exploited in the next 30 days.
CVSS V3.1
- Score: 9.8
- Severity: CRITICAL
- Confidentiality: High
- Integrity: High
- Availability: High
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- Scope: Unchanged
Timeline
Vulnerability Reserved
Vulnerability published