Sign-up

ID

VAR-201212-0031


CVE

CVE-2012-4690


TITLE

Rockwell Automation Controllers Denial of service vulnerability

Trust: 0.8

sources: IVD: 3173df04-2353-11e6-abef-000c29c66e3d // CNVD: CNVD-2012-7372

DESCRIPTION

Rockwell Automation Allen-Bradley MicroLogix controller 1100, 1200, 1400, and 1500; SLC 500 controller platform; and PLC-5 controller platform, when Static status is not enabled, allow remote attackers to cause a denial of service via messages that trigger modification of status bits. Rockwell Automation is a provider of industrial automation, control and information technology solutions. There is a denial of service vulnerability in Rockwell Automation Controllers. Due to errors in the processing of certain messages, an attacker can send a message to TCP and 2222 or 44818 UDP port, causing the device to fail. Exploiting this issue allows remote attackers to trigger denial-of-service conditions. ---------------------------------------------------------------------- The final version of the CSI 6.0 has been released. Find out why this is not just another Patch Management solution: http://secunia.com/blog/325/ ---------------------------------------------------------------------- TITLE: Rockwell Automation Controllers Denial of Service Vulnerability SECUNIA ADVISORY ID: SA51534 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/51534/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=51534 RELEASE DATE: 2012-12-10 DISCUSS ADVISORY: http://secunia.com/advisories/51534/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/51534/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=51534 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in some Rockwell Automation controllers, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is reported in the following products: * MicroLogix 1100 controller * MicroLogix 1200 controller * MicroLogix 1400 controller * MicroLogix 1500 controller * SLC 500 controller platform * PLC-5 controller platform SOLUTION: No official solution is currently available. PROVIDED AND/OR DISCOVERED BY: ICS-CERT credits Matthew Luallen, CYBATI. ORIGINAL ADVISORY: ICS-CERT: http://www.us-cert.gov/control_systems/pdf/ICSA-12-342-01.pdf OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 2.88

sources: NVD: CVE-2012-4690 // JVNDB: JVNDB-2011-005209 // CNVD: CNVD-2012-7372 // BID: 56872 // IVD: 3173df04-2353-11e6-abef-000c29c66e3d // VULHUB: VHN-57971 // VULMON: CVE-2012-4690 // PACKETSTORM: 118729

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.8

sources: IVD: 3173df04-2353-11e6-abef-000c29c66e3d // CNVD: CNVD-2012-7372

AFFECTED PRODUCTS

vendor:rockwellautomationmodel:ab micrologix controllerscope:eqversion:1400

Trust: 1.6

vendor:rockwellautomationmodel:ab micrologix controllerscope:eqversion:1100

Trust: 1.6

vendor:rockwellautomationmodel:slc 500 controllerscope:eqversion: -

Trust: 1.6

vendor:rockwellautomationmodel:plc-5 controllerscope:eqversion: -

Trust: 1.6

vendor:rockwellautomationmodel:ab micrologix controllerscope:eqversion:1500

Trust: 1.6

vendor:rockwellautomationmodel:ab micrologix controllerscope:eqversion:1200

Trust: 1.6

vendor:rockwell automationmodel:allen-bradley micrologixscope:eqversion:1100

Trust: 0.8

vendor:rockwell automationmodel:allen-bradley micrologixscope:eqversion:1200

Trust: 0.8

vendor:rockwell automationmodel:allen-bradley micrologixscope:eqversion:1400

Trust: 0.8

vendor:rockwell automationmodel:allen-bradley micrologixscope:eqversion:1500

Trust: 0.8

vendor:rockwell automationmodel:plc-5 controllerscope:eqversion:platform

Trust: 0.8

vendor:rockwell automationmodel:slc 500 controllerscope:eqversion:platform

Trust: 0.8

vendor:rockwellmodel:automation micrologix controllersscope:eqversion:17621200

Trust: 0.6

vendor:rockwellmodel:automation micrologix controllersscope:eqversion:17631100

Trust: 0.6

vendor:rockwellmodel:automation micrologix controllersscope:eqversion:17641500

Trust: 0.6

vendor:rockwellmodel:automation micrologix controllersscope:eqversion:17661400

Trust: 0.6

vendor:rockwellmodel:automation plc-5 controllerscope: - version: -

Trust: 0.6

vendor:rockwellmodel:automation slc controllerscope:eqversion:500

Trust: 0.6

vendor:rockwellmodel:automation micrologixscope:eqversion:14000

Trust: 0.3

vendor:rockwellmodel:automation micrologixscope:eqversion:11000

Trust: 0.3

vendor:ab micrologix controllermodel: - scope:eqversion:1100

Trust: 0.2

vendor:ab micrologix controllermodel: - scope:eqversion:1200

Trust: 0.2

vendor:ab micrologix controllermodel: - scope:eqversion:1400

Trust: 0.2

vendor:ab micrologix controllermodel: - scope:eqversion:1500

Trust: 0.2

vendor:plc 5 controllermodel: - scope:eqversion: -

Trust: 0.2

vendor:slc 500 controllermodel: - scope:eqversion: -

Trust: 0.2

sources: IVD: 3173df04-2353-11e6-abef-000c29c66e3d // CNVD: CNVD-2012-7372 // BID: 56872 // JVNDB: JVNDB-2011-005209 // CNNVD: CNNVD-201212-108 // NVD: CVE-2012-4690

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2012-4690
value: HIGH

Trust: 1.0

NVD: CVE-2012-4690
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201212-108
value: HIGH

Trust: 0.6

IVD: 3173df04-2353-11e6-abef-000c29c66e3d
value: HIGH

Trust: 0.2

VULHUB: VHN-57971
value: HIGH

Trust: 0.1

VULMON: CVE-2012-4690
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2012-4690
severity: HIGH
baseScore: 7.1
vectorString: AV:N/AC:M/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

IVD: 3173df04-2353-11e6-abef-000c29c66e3d
severity: HIGH
baseScore: 7.1
vectorString: AV:N/AC:M/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

VULHUB: VHN-57971
severity: HIGH
baseScore: 7.1
vectorString: AV:N/AC:M/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: IVD: 3173df04-2353-11e6-abef-000c29c66e3d // VULHUB: VHN-57971 // VULMON: CVE-2012-4690 // JVNDB: JVNDB-2011-005209 // CNNVD: CNNVD-201212-108 // NVD: CVE-2012-4690

PROBLEMTYPE DATA

problemtype:CWE-16

Trust: 1.9

sources: VULHUB: VHN-57971 // JVNDB: JVNDB-2011-005209 // NVD: CVE-2012-4690

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201212-108

TYPE

Configuration error

Trust: 0.8

sources: IVD: 3173df04-2353-11e6-abef-000c29c66e3d // CNNVD: CNNVD-201212-108

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2011-005209

PATCH
title:MicroLogixシステムurl:http://ab.rockwellautomation.com/ja/programmable-controllers/micrologix-systems
Trust: 0.8
title:SLC 500コントローラurl:http://ab.rockwellautomation.com/ja/Programmable-Controllers/SLC-500-Controllers
Trust: 0.8
title:PLC-5コントローラurl:http://jp.rockwellautomation.com/applications/gs/ap/gsjp.nsf/pages/PLC-5Controllers
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2011-005209

EXTERNAL IDS
db:NVDid:CVE-2012-4690
Trust: 3.7
db:ICS CERTid:ICSA-12-342-01
Trust: 2.7
db:ICS CERTid:ICSA-12-342-01A
Trust: 1.2
db:BIDid:56872
Trust: 1.0
db:CNNVDid:CNNVD-201212-108
Trust: 0.9
db:CNVDid:CNVD-2012-7372
Trust: 0.8
db:SECUNIAid:51534
Trust: 0.8
db:JVNDBid:JVNDB-2011-005209
Trust: 0.8
db:IVDid:3173DF04-2353-11E6-ABEF-000C29C66E3D
Trust: 0.2
db:VULHUBid:VHN-57971
Trust: 0.1
db:ICS CERTid:ICSA-12-342-01B
Trust: 0.1
db:VULMONid:CVE-2012-4690
Trust: 0.1
db:PACKETSTORMid:118729
Trust: 0.1
sources:
            
            
            IVD: 3173df04-2353-11e6-abef-000c29c66e3d // 
            
            
            
            CNVD: CNVD-2012-7372 // 
            
            
            
            VULHUB: VHN-57971 // 
            
            
            
            VULMON: CVE-2012-4690 // 
            
            
            
            BID: 56872 // 
            
            
            
            JVNDB: JVNDB-2011-005209 // 
            
            
            
            PACKETSTORM: 118729 // 
            
            
            
            CNNVD: CNNVD-201212-108 // 
            
            
            
            NVD: CVE-2012-4690

REFERENCES
url:http://www.us-cert.gov/control_systems/pdf/icsa-12-342-01.pdf
Trust: 2.7
url:https://rockwellautomation.custhelp.com/app/answers/detail/a_id/511407
Trust: 1.8
url:http://ics-cert.us-cert.gov/advisories/icsa-12-342-01a
Trust: 1.2
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-4690
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-4690
Trust: 0.8
url:http://secunia.com/advisories/51534/
Trust: 0.7
url:https://cwe.mitre.org/data/definitions/16.html
Trust: 0.1
url:http://tools.cisco.com/security/center/viewalert.x?alertid=27585
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
url:https://ics-cert.us-cert.gov/advisories/icsa-12-342-01b
Trust: 0.1
url:https://ca.secunia.com/?page=viewadvisory&vuln_id=51534
Trust: 0.1
url:http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
Trust: 0.1
url:http://secunia.com/vulnerability_intelligence/
Trust: 0.1
url:http://secunia.com/advisories/secunia_security_advisories/
Trust: 0.1
url:http://secunia.com/advisories/about_secunia_advisories/
Trust: 0.1
url:http://secunia.com/vulnerability_scanning/personal/
Trust: 0.1
url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Trust: 0.1
url:http://secunia.com/blog/325/
Trust: 0.1
url:http://secunia.com/advisories/51534/#comments
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2012-7372 // 
            
            
            
            VULHUB: VHN-57971 // 
            
            
            
            VULMON: CVE-2012-4690 // 
            
            
            
            JVNDB: JVNDB-2011-005209 // 
            
            
            
            PACKETSTORM: 118729 // 
            
            
            
            CNNVD: CNNVD-201212-108 // 
            
            
            
            NVD: CVE-2012-4690

CREDITS
Matthew Luallen of CYBATI
Trust: 0.3
sources:
            
            
            BID: 56872

SOURCES
db:IVDid:3173df04-2353-11e6-abef-000c29c66e3d
db:CNVDid:CNVD-2012-7372
db:VULHUBid:VHN-57971
db:VULMONid:CVE-2012-4690
db:BIDid:56872
db:JVNDBid:JVNDB-2011-005209
db:PACKETSTORMid:118729
db:CNNVDid:CNNVD-201212-108
db:NVDid:CVE-2012-4690

LAST UPDATE DATE
2025-04-11T23:10:41.552000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2012-7372date:2012-12-11T00:00:00
db:VULHUBid:VHN-57971date:2013-05-21T00:00:00
db:VULMONid:CVE-2012-4690date:2013-05-21T00:00:00
db:BIDid:56872date:2014-04-17T01:03:00
db:JVNDBid:JVNDB-2011-005209date:2012-12-12T00:00:00
db:CNNVDid:CNNVD-201212-108date:2012-12-10T00:00:00
db:NVDid:CVE-2012-4690date:2025-04-11T00:51:21.963

SOURCES RELEASE DATE
db:IVDid:3173df04-2353-11e6-abef-000c29c66e3ddate:2012-12-11T00:00:00
db:CNVDid:CNVD-2012-7372date:2012-12-11T00:00:00
db:VULHUBid:VHN-57971date:2012-12-08T00:00:00
db:VULMONid:CVE-2012-4690date:2012-12-08T00:00:00
db:BIDid:56872date:2012-12-10T00:00:00
db:JVNDBid:JVNDB-2011-005209date:2012-12-12T00:00:00
db:PACKETSTORMid:118729date:2012-12-10T06:33:55
db:CNNVDid:CNNVD-201212-108date:2012-12-10T00:00:00
db:NVDid:CVE-2012-4690date:2012-12-08T15:55:01.007