RSS   Vulnerabilities for 'Softlogix controllers'   RSS

2013-01-24
 
CVE-2012-6442

CWE-119
 

 
Rockwell Automation EtherNet/IP products; 1756-ENBT, 1756-EWEB, 1768-ENBT, and 1768-EWEB communication modules; CompactLogix L32E and L35E controllers; 1788-ENBT FLEXLogix adapter; 1794-AENTR FLEX I/O EtherNet/IP adapter; ControlLogix 18 and earlier; CompactLogix 18 and earlier; GuardLogix 18 and earlier; SoftLogix 18 and earlier; CompactLogix controllers 19 and earlier; SoftLogix controllers 19 and earlier; ControlLogix controllers 20 and earlier; GuardLogix controllers 20 and earlier; and MicroLogix 1100 and 1400 allow remote attackers to cause a denial of service (control and communication outage) via a CIP message that specifies a reset.

 
 
CVE-2012-6441

CWE-200
 

 
Rockwell Automation EtherNet/IP products; 1756-ENBT, 1756-EWEB, 1768-ENBT, and 1768-EWEB communication modules; CompactLogix L32E and L35E controllers; 1788-ENBT FLEXLogix adapter; 1794-AENTR FLEX I/O EtherNet/IP adapter; ControlLogix 18 and earlier; CompactLogix 18 and earlier; GuardLogix 18 and earlier; SoftLogix 18 and earlier; CompactLogix controllers 19 and earlier; SoftLogix controllers 19 and earlier; ControlLogix controllers 20 and earlier; GuardLogix controllers 20 and earlier; and MicroLogix 1100 and 1400 allow remote attackers to obtain sensitive information via a crafted CIP packet.

 
 
CVE-2012-6440

CWE-287
 

 
The web-server password-authentication functionality in Rockwell Automation EtherNet/IP products; 1756-ENBT, 1756-EWEB, 1768-ENBT, and 1768-EWEB communication modules; CompactLogix L32E and L35E controllers; 1788-ENBT FLEXLogix adapter; 1794-AENTR FLEX I/O EtherNet/IP adapter; ControlLogix 18 and earlier; CompactLogix 18 and earlier; GuardLogix 18 and earlier; SoftLogix 18 and earlier; CompactLogix controllers 19 and earlier; SoftLogix controllers 19 and earlier; ControlLogix controllers 20 and earlier; GuardLogix controllers 20 and earlier; and MicroLogix 1100 and 1400 allows man-in-the-middle attackers to conduct replay attacks via HTTP traffic.

 
 
CVE-2012-6439

CWE-Other
 

 
Rockwell Automation EtherNet/IP products; 1756-ENBT, 1756-EWEB, 1768-ENBT, and 1768-EWEB communication modules; CompactLogix L32E and L35E controllers; 1788-ENBT FLEXLogix adapter; 1794-AENTR FLEX I/O EtherNet/IP adapter; ControlLogix 18 and earlier; CompactLogix 18 and earlier; GuardLogix 18 and earlier; SoftLogix 18 and earlier; CompactLogix controllers 19 and earlier; SoftLogix controllers 19 and earlier; ControlLogix controllers 20 and earlier; GuardLogix controllers 20 and earlier; and MicroLogix 1100 and 1400 allow remote attackers to cause a denial of service (control and communication outage) via a CIP message that modifies the (1) configuration or (2) network parameters.

 
 
CVE-2012-6438

CWE-119
 

 
Buffer overflow in Rockwell Automation EtherNet/IP products; 1756-ENBT, 1756-EWEB, 1768-ENBT, and 1768-EWEB communication modules; CompactLogix L32E and L35E controllers; 1788-ENBT FLEXLogix adapter; 1794-AENTR FLEX I/O EtherNet/IP adapter; ControlLogix 18 and earlier; CompactLogix 18 and earlier; GuardLogix 18 and earlier; SoftLogix 18 and earlier; CompactLogix controllers 19 and earlier; SoftLogix controllers 19 and earlier; ControlLogix controllers 20 and earlier; GuardLogix controllers 20 and earlier; and MicroLogix 1100 and 1400 allows remote attackers to cause a denial of service (NIC crash and communication outage) via a malformed CIP packet.

 
 
CVE-2012-6437

CWE-287
 

 
Rockwell Automation EtherNet/IP products; 1756-ENBT, 1756-EWEB, 1768-ENBT, and 1768-EWEB communication modules; CompactLogix L32E and L35E controllers; 1788-ENBT FLEXLogix adapter; 1794-AENTR FLEX I/O EtherNet/IP adapter; ControlLogix 18 and earlier; CompactLogix 18 and earlier; GuardLogix 18 and earlier; SoftLogix 18 and earlier; CompactLogix controllers 19 and earlier; SoftLogix controllers 19 and earlier; ControlLogix controllers 20 and earlier; GuardLogix controllers 20 and earlier; and MicroLogix 1100 and 1400 do not properly perform authentication for Ethernet firmware updates, which allows remote attackers to execute arbitrary code via a Trojan horse update image.

 
 
CVE-2012-6436

CWE-119
 

 
Buffer overflow in Rockwell Automation EtherNet/IP products; 1756-ENBT, 1756-EWEB, 1768-ENBT, and 1768-EWEB communication modules; CompactLogix L32E and L35E controllers; 1788-ENBT FLEXLogix adapter; 1794-AENTR FLEX I/O EtherNet/IP adapter; ControlLogix 18 and earlier; CompactLogix 18 and earlier; GuardLogix 18 and earlier; SoftLogix 18 and earlier; CompactLogix controllers 19 and earlier; SoftLogix controllers 19 and earlier; ControlLogix controllers 20 and earlier; GuardLogix controllers 20 and earlier; and MicroLogix 1100 and 1400 allows remote attackers to cause a denial of service (CPU crash and communication outage) via a malformed CIP packet.

 
 
CVE-2012-6435

CWE-399
 

 
Rockwell Automation EtherNet/IP products; 1756-ENBT, 1756-EWEB, 1768-ENBT, and 1768-EWEB communication modules; CompactLogix L32E and L35E controllers; 1788-ENBT FLEXLogix adapter; 1794-AENTR FLEX I/O EtherNet/IP adapter; ControlLogix 18 and earlier; CompactLogix 18 and earlier; GuardLogix 18 and earlier; SoftLogix 18 and earlier; CompactLogix controllers 19 and earlier; SoftLogix controllers 19 and earlier; ControlLogix controllers 20 and earlier; GuardLogix controllers 20 and earlier; and MicroLogix 1100 and 1400 allow remote attackers to cause a denial of service (control and communication outage) via a CIP message that specifies a logic-execution stop and fault.

 

 >>> Vendor: Rockwellautomation 144 Products
Controllogix 1756-enbt/a ethernet/ ip bridge
Ab micrologix controller 1100
Ab micrologix controller 1400
1756-enbt series a
1756-enbt series a firmware
Eds hardware installation tool
Rslinx classic
Factorytalk diagnostics viewer
Rslogix
Factorytalk
Rslogix 5000
Ab micrologix controller
Plc-5 controller
Slc 500 controller
Controllogix controllers
Guardlogix controllers
Micrologix
Softlogix controllers
1756-enbt
1756-eweb
1768-enbt
1768-eweb
1794-aentr flex i/o ethernet/ip adapter
Compactlogix
Compactlogix controllers
Compactlogix l32e controller
Compactlogix l35e controller
Controllogix
Flexlogix 1788-enbt adapter
Guardlogix
Softlogix
Rslinx enterprise
Factorytalk services platform
Rslogix 5000 design and configuration software
Connected components workbench
Factorytalk view studio
Rsview32
Micrologix 1100 firmware
Micrologix 1400 firmware
1763-l16awa series a
1763-l16awa series b
1763-l16bbb series a
1763-l16bbb series b
1763-l16bwa series a
1763-l16bwa series b
1763-l16dwd series a
1763-l16dwd series b
Compactlogix controller 1769 firmware
Integrated architecture builder
Factorytalk energrymetrix
1766-l32awa
1766-l32awaa
1766-l32bwa
1766-l32bwaa
1766-l32bxb
1766-l32bxba
Rslogix 500 professional edition
Rslogix 500 standard edition
Rslogix 500 starter edition
Rslogix micro developer
Rslogix micro starter lite
1766-l32awa series b
1766-l32bxb series b
1766-l32awa series a
1766-l32bxb series a
1766-l32awaa series a
1766-l32bxba series b
1766-l32awaa series b
1766-l32bwaa series a
1766-l32bwa series b
1766-l32bwa series a
1766-l32bwaa series b
1766-l32bxba series a
Controllogix 5580 firmware
Compactlogix 5830 firmware
Panelview plus 6 700-1500 firmware
Softlogic
1763-l16dwd firmware
1763-l16bbb firmware
1763-l16bwa firmware
1763-l16awa firmware
Factorytalk alarms and events
1766-l32awa firmware
1766-l32awaa firmware
1766-l32bwa firmware
1766-l32bwaa firmware
1766-l32bxb firmware
1766-l32bxba firmware
Rslinx
Micrologix 1400 b firmware
Factorytalk activation
Arena
Allen-bradley l30erms firmware
1756-en2f series a firmware
1756-en2f series b firmware
1756-en2f series c firmware
1756-en2t series a firmware
1756-en2t series b firmware
1756-en2t series c firmware
1756-en2t series d firmware
See all Products for Vendor Rockwellautomation


Copyright 2024, cxsecurity.com

 

Back to Top