CVE-2012-4713

Name of the Vulnerable Software and Affected Versions Rockwell Automation FactoryTalk Services Platform (FTSP) versions CPR9 through CPR9-SR6

Description The issue is related to an integer signedness error in the RNADiagnostics.dll component. This error allows remote attackers to cause a denial of service, resulting in either a service outage or a crash of the RNADiagReceiver.exe daemon. The denial of service can be triggered via UDP data that specifies a negative integer value.

Recommendations For versions CPR9 through CPR9-SR6, update to a version that includes a fix for the integer signedness error in RNADiagnostics.dll to prevent remote attackers from causing a denial of service.