Denial of Service Vulnerability in Rockwell Automation EtherNet/IP Products
CVE-2012-6439

Currently unrated

Key Information:

Vendor: Rockwell Automation
Status: 1756-enbt, 1756-eweb, 1768-enbt, 1768-eweb Communication Modules; Compactlogix L32e And L35e Controllers; 1788-enbt Flexlogix Adapter; 1794-aentr Flex I/o Ethernet/ip Adapter
Vendor: CVE Published:; 24 January 2013

🔔 Create Rockwell Automation Vulnerability Alert

What is CVE-2012-6439?

A vulnerability in Rockwell Automation's EtherNet/IP products allows remote attackers to exploit the system by sending a specific CIP message that can modify configuration or network parameters. This can lead to a denial of service, resulting in outages in control and communication functionalities, thus affecting the operation of critical systems.

Affected Version(s)

1756-ENBT, 1756-EWEB, 1768-ENBT, 1768-EWEB communication modules All

1788-ENBT FLEXLogix adapter All

1794-AENTR FLEX I/O EtherNet/IP adapter All

References

http://www.us-cert.gov/control_systems/pdf/ICSA-13-011-03...

x_refsource_MISC

https://rockwellautomation.custhelp.com/app/answers/detai...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Jan 24, 2013