Sensitive Information Exposure in Rockwell Automation EtherNet/IP Products
CVE-2012-6441

Currently unrated

Key Information:

Vendor: Rockwell Automation
Status: 1756-enbt, 1756-eweb, 1768-enbt, 1768-eweb Communication Modules; Compactlogix L32e And L35e Controllers; 1788-enbt Flexlogix Adapter; 1794-aentr Flex I/o Ethernet/ip Adapter
Vendor: CVE Published:; 24 January 2013

🔔 Create Rockwell Automation Vulnerability Alert

What is CVE-2012-6441?

Rockwell Automation EtherNet/IP products contain a vulnerability that allows remote attackers to exploit crafted CIP packets, resulting in the exposure of sensitive information. Affected devices include multiple communication modules and controllers, making it critical for users to assess their equipment and apply necessary mitigations to safeguard their systems.

Affected Version(s)

1756-ENBT, 1756-EWEB, 1768-ENBT, 1768-EWEB communication modules All

1788-ENBT FLEXLogix adapter All

1794-AENTR FLEX I/O EtherNet/IP adapter All

References

https://www.cisa.gov/news-events/ics-advisories/icsa-13-0...

https://rockwellautomation.custhelp.com/app/answers/detai...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Jan 24, 2013