CyberSec.Space Logo
返回 CVE 浏览器

CVE-2012-6439

HIGH
8.5
CVSS Severity Score
EPSS Score0.1910%
EPSS Percentile43.56th
Published2013年1月24日
Last Modified2026年4月29日

Vulnerability Description

When an affected product receives a valid CIP message from an unauthorized or unintended source to Port 2222/TCP, Port 2222/UDP, Port 44818/TCP, or Port 44818/UDP that changes the product’s configuration and network parameters, a DoS condition can occur. This situation could cause loss of availability and a disruption of communication with other connected devices.  Rockwell Automation EtherNet/IP products; 1756-ENBT, 1756-EWEB, 1768-ENBT, and 1768-EWEB communication modules; CompactLogix L32E and L35E controllers; 1788-ENBT FLEXLogix adapter; 1794-AENTR FLEX I/O EtherNet/IP adapter; ControlLogix 18 and earlier; CompactLogix 18 and earlier; GuardLogix 18 and earlier; SoftLogix 18 and earlier; CompactLogix controllers 19 and earlier; SoftLogix controllers 19 and earlier; ControlLogix controllers 20 and earlier; GuardLogix controllers 20 and earlier; and MicroLogix 1100 and 1400

Affected Platforms (CPE)

📦
Rockwellautomation

Controllogix Controllers

<= 20
📦
Rockwellautomation

Guardlogix Controllers

<= 20
📦
Rockwellautomation

Micrologix

<= 1100
📦
Rockwellautomation

Micrologix

<= 1400
📦
Rockwellautomation

Softlogix Controllers

<= 19
🔌
Rockwellautomation

1756 Enbt

All versions
🔌
Rockwellautomation

1756 Eweb

All versions
🔌
Rockwellautomation

1768 Enbt

All versions
🔌
Rockwellautomation

1768 Eweb

All versions
🔌
Rockwellautomation

1794 Aentr Flex I\/o Ethernet\/ip Adapter

All versions
🔌
Rockwellautomation

Compactlogix

<= 18
🔌
Rockwellautomation

Compactlogix Controllers

<= 19
🔌
Rockwellautomation

Compactlogix L32e Controller

All versions
🔌
Rockwellautomation

Compactlogix L35e Controller

All versions
🔌
Rockwellautomation

Controllogix

<= 18
🔌
Rockwellautomation

Flexlogix 1788 Enbt Adapter

All versions
🔌
Rockwellautomation

Guardlogix

<= 18
🔌
Rockwellautomation

Softlogix

<= 18

References & Advisories

🔗 http://rockwellautomation.custhelp.com/app/answers/detail/a_id/54102
🔗 http://www.us-cert.gov/control_systems/pdf/ICSA-13-011-03.pdf
🔗 https://rockwellautomation.custhelp.com/app/answers/detail/a_id/470154
🔗 https://rockwellautomation.custhelp.com/app/answers/detail/aid/470155
🔗 https://rockwellautomation.custhelp.com/app/answers/detail/aid/470156
🔗 http://www.us-cert.gov/control_systems/pdf/ICSA-13-011-03.pdf

相关漏洞威胁

CVE-2012-64379.8

The device does not properly authenticate users and the potential exists for a remote user to upload a new firmware image to the E...

CVE-2021-226819.8

Rockwell Automation Studio 5000 Logix Designer Versions 21 and later, and RSLogix 5000 Versions 16 through 20 use a key to verify ...

CVE-2018-179248.6

Rockwell Automation MicroLogix 1400 Controllers and 1756 ControlLogix Communications Modules An unauthenticated, remote threat act...

CVE-2012-64357.5

When an affected product receives a valid CIP message from an unauthorized or unintended source to Port 2222/TCP, Port 2222/UDP, P...