Vulnerability CVE-2012-4690


Published: 2012-12-08

Description:
Rockwell Automation Allen-Bradley MicroLogix controller 1100, 1200, 1400, and 1500; SLC 500 controller platform; and PLC-5 controller platform, when Static status is not enabled, allow remote attackers to cause a denial of service via messages that trigger modification of status bits.

CVSS2 => (AV:N/AC:M/Au:N/C:N/I:N/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.1/10
6.9/10
8.6/10
Exploit range
Attack complexity
Authentication
Remote
Medium
No required
Confidentiality impact
Integrity impact
Availability impact
None
None
Complete
Affected software
Rockwellautomation -> Ab micrologix controller 
Rockwellautomation -> Plc-5 controller 
Rockwellautomation -> Slc 500 controller 

 References:
http://www.us-cert.gov/control_systems/pdf/ICSA-12-342-01.pdf
https://rockwellautomation.custhelp.com/app/answers/detail/a_id/511407

Copyright 2021, cxsecurity.com

 

Back to Top