Buffer Overflow Vulnerability in Rockwell Automation EtherNet/IP Communication Modules
CVE-2012-6438

Currently unrated

Key Information:

Vendor

Rockwell Automation
Status
1756-enbt, 1756-eweb, 1768-enbt, 1768-eweb Communication Modules
Compactlogix L32e And L35e Controllers
1788-enbt Flexlogix Adapter
1794-aentr Flex I/o Ethernet/ip Adapter
Vendor
CVE Published:
24 January 2013

What is CVE-2012-6438?

A buffer overflow vulnerability has been identified in Rockwell Automation EtherNet/IP products, which affects numerous communication modules and controllers. Attackers can exploit this vulnerability by sending malformed CIP packets, potentially causing a denial of service. This may lead to a crash of the network interface card (NIC) and result in extended communication outages, compromising the operational integrity of affected systems.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

1756-ENBT, 1756-EWEB, 1768-ENBT, 1768-EWEB communication modules All

1788-ENBT FLEXLogix adapter All

1794-AENTR FLEX I/O EtherNet/IP adapter All

References

https://www.cisa.gov/news-events/ics-advisories/icsa-13-0...
https://rockwellautomation.custhelp.com/app/answers/detai...
https://rockwellautomation.custhelp.com/app/answers/detai...

EPSS Score

13% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability Reserved

  • Vulnerability published

JSON
.