CVE-2012-6440
published 2013-01-24CVE-2012-6440: The Web server password authentication mechanism used by the products is vulnerable to a MitM and Replay attack. Successful exploitation of this vulnerability…
PriorityP432medium4.8CVSS 3.1
AVNACHPRNUINSUCLILAN
EPSS
8.12%
94.1th percentile
The Web server password authentication mechanism used by the products is vulnerable to a MitM and Replay attack. Successful exploitation of this vulnerability will allow unauthorized access of the product’s Web server to view and alter product configuration and diagnostics information.
Rockwell Automation EtherNet/IP products; 1756-ENBT, 1756-EWEB, 1768-ENBT, and 1768-EWEB communication modules; CompactLogix L32E and L35E controllers; 1788-ENBT FLEXLogix adapter; 1794-AENTR FLEX I/O EtherNet/IP adapter; ControlLogix 18 and earlier; CompactLogix 18 and earlier; GuardLogix 18 and earlier; SoftLogix 18 and earlier; CompactLogix controllers 19 and earlier; SoftLogix controllers 19 and earlier; ControlLogix controllers 20 and earlier; GuardLogix controllers 20 and earlier; and MicroLogix 1100 and 1400
Affected
17 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| rockwell_automation | 1788-enbt_flexlogix_adapter | — | — |
| rockwell_automation | 1794-aentr_flex_i_o_ethernet_ip_adapter | — | — |
| rockwell_automation | compactlogix_and_softlogix_controllers | <= 19 | — |
| rockwell_automation | compactlogix_l32e_and_l35e_controllers | — | — |
| rockwell_automation | controllogix_and_guardlogix_controllers | <= 20 | — |
| rockwell_automation | micrologix | — | — |
| rockwell_automation | micrologix | — | — |
| rockwellautomation | compactlogix | <= 18 | — |
| rockwellautomation | compactlogix_controllers | <= 19 | — |
| rockwellautomation | controllogix | <= 18 | — |
| rockwellautomation | controllogix_controllers | <= 20 | — |
| rockwellautomation | guardlogix | <= 18 | — |
| rockwellautomation | guardlogix_controllers | <= 20 | — |
| rockwellautomation | micrologix | <= 1100 | — |
| rockwellautomation | micrologix | <= 1400 | — |
| rockwellautomation | softlogix | <= 18 | — |
| rockwellautomation | softlogix_controllers | <= 19 | — |
CVSS provenance
nvdv3.14.8MEDIUMCVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
nvdv2.09.3CRITICALAV:N/AC:M/Au:N/C:C/I:C/A:C
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-c3p8-qp2x-9xxf: The web-server password-authentication functionality in Rockwell Automation EtherNet/IP products; 1756-ENBT, 1756-EWEB, 1768-ENBT, and 1768-EWEB commu
ghsa_unreviewed·2022-05-17
CVE-2012-6440 [HIGH] CWE-287 GHSA-c3p8-qp2x-9xxf: The web-server password-authentication functionality in Rockwell Automation EtherNet/IP products; 1756-ENBT, 1756-EWEB, 1768-ENBT, and 1768-EWEB commu
The web-server password-authentication functionality in Rockwell Automation EtherNet/IP products; 1756-ENBT, 1756-EWEB, 1768-ENBT, and 1768-EWEB communication modules; CompactLogix L32E and L35E controllers; 1788-ENBT FLEXLogix adapter; 1794-AENTR FLEX I/O EtherNet/IP adapter; ControlLogix 18 and earlier; CompactLogix 18 and earlier; GuardLogix 18 and earlier; SoftLogix 18 and earlier; CompactLogix controllers 19 and earlier; SoftLogix controllers 19 and earlier; ControlLogix controllers 20 and earlier; GuardLogix controllers 20 and earlier; and MicroLogix 1100 and 1400 allows man-in-the-middle attackers to conduct replay attacks via HTTP traffic.
CISA ICS
Rockwell Automation ControlLogix PLC Vulnerabilities
cisa_ics·2012-02-14
Rockwell Automation ControlLogix PLC Vulnerabilities
## Archived Content In an effort to keep CISA.gov current, the archive contains outdated information that may not reflect current policy or programs.
ICS Advisory
##
Rockwell Automation ControlLogix PLC Vulnerabilities
Last RevisedFebruary 13, 2019
Alert CodeICSA-13-011-03
## Overview
This advisory is a follow up to the original alert titled ICS-ALERT-12-020-02A—Rockwell Automation ControlLogix PLC Vulnerabilities that was published February 14, 2012, on the ICS-CERT Web page.
Independent researcher Rubén Santamarta of IOActive identified vulnerabilities in Rockwell Automation’s ControlLogix PLC and released proof-of-concept (exploit) code at the Digital Bond S4 Conference on January 19, 2012. The vulnerabilities are exploitable by transmit
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://rockwellautomation.custhelp.com/app/answers/detail/a_id/54102https://rockwellautomation.custhelp.com/app/answers/detail/a_id/470154https://rockwellautomation.custhelp.com/app/answers/detail/aid/470155https://rockwellautomation.custhelp.com/app/answers/detail/aid/470156https://www.cisa.gov/news-events/ics-advisories/icsa-13-011-03http://www.us-cert.gov/control_systems/pdf/ICSA-13-011-03.pdf
2013-01-24
Published