CVEブラウザに戻る

CVE-2012-4715

CRITICAL

10.0

CVSS Severity Score

EPSS Score0.1030%

EPSS Percentile14.23th

Published2013年4月18日

Last Modified2026年4月29日

Vulnerability Description

Buffer overflow in LogReceiver.exe in Rockwell Automation RSLinx Enterprise CPR9, CPR9-SR1, CPR9-SR2, CPR9-SR3, CPR9-SR4, CPR9-SR5, CPR9-SR5.1, and CPR9-SR6 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a UDP packet with a certain integer length value that is (1) too large or (2) too small, leading to improper handling by Logger.dll.

Affected Platforms (CPE)

🔌

Rockwellautomation

Rslinx Enterprise

= cpr9

🔌

Rockwellautomation

Rslinx Enterprise

= cpr9

🔌

Rockwellautomation

Rslinx Enterprise

= cpr9

🔌

Rockwellautomation

Rslinx Enterprise

= cpr9

🔌

Rockwellautomation

Rslinx Enterprise

= cpr9

🔌

Rockwellautomation

Rslinx Enterprise

= cpr9

🔌

Rockwellautomation

Rslinx Enterprise

= cpr9

🔌

Rockwellautomation

Rslinx Enterprise

= cpr9

References & Advisories

🔗 http://ics-cert.us-cert.gov/pdf/ICSA-13-095-02.pdf

🔗 https://rockwellautomation.custhelp.com/app/answers/detail/a_id/537599

🔗 http://ics-cert.us-cert.gov/pdf/ICSA-13-095-02.pdf

🔗 https://rockwellautomation.custhelp.com/app/answers/detail/a_id/537599

関連する脆弱性情報

CVE-2020-120348.2

Products that use EDS Subsystem: Version 28.0.1 and prior (FactoryTalk Linx software (Previously called RSLinx Enterprise): Versio...

CVE-2013-28067.5

Rockwell Automation RSLinx Enterprise Software (LogReceiver.exe) CPR9, CPR9-SR1, CPR9-SR2, CPR9-SR3, CPR9-SR4, CPR9-SR5, CPR9-SR5....

CVE-2013-28077.5

Rockwell Automation RSLinx Enterprise Software (LogReceiver.exe) CPR9, CPR9-SR1, CPR9-SR2, CPR9-SR3, CPR9-SR4, CPR9-SR5, CPR9-SR5....

CVE-2013-28057.5

Rockwell Automation RSLinx Enterprise Software (LogReceiver.exe) CPR9, CPR9-SR1, CPR9-SR2, CPR9-SR3, CPR9-SR4, CPR9-SR5, CPR9-SR5....