Published: 02/04/2012 Updated: 03/04/2012

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 505

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

The FactoryTalk (FT) RNADiagReceiver service in Rockwell Automation Allen-Bradley FactoryTalk CPR9 through SR5 and RSLogix 5000 17 through 20 does not properly handle the return value from an unspecified function, which allows remote malicious users to cause a denial of service (service outage) via a crafted packet.

Vulnerable Product	Search on Vulmon	Subscribe to Product
rockwellautomation factorytalk cpr9
rockwellautomation rslogix 5000 17
rockwellautomation rslogix 5000 18
rockwellautomation rslogix 5000 19
rockwellautomation rslogix 5000 20
rockwellautomation factorytalk cpr9_sr5

source: wwwsecurityfocuscom/bid/51444/info Rockwell Automation FactoryTalk Activation Server is prone to multiple remote denial-of-service vulnerabilities An attacker can exploit these issues to crash the affected application, denying service to legitimate users githubcom/offensive-security/exploitdb-bin-sploits/raw/master/b ...

CWE-20 http://www.us-cert.gov/control_systems/pdf/ICSA-12-088-01.pdf http://rockwellautomation.custhelp.com/app/answers/detail/a_id/469937 https://nvd.nist.gov https://www.exploit-db.com/exploits/36570/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2012-0221

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect