PT-2013-1947 · Rockwell Automation · GuardLogix +14

Published: 2013-01-24 · Updated: 2025-06-30 · CVE-2012-6439

CVSS v2.0: 8.5 (High)

Vector: AV:N/AC:L/Au:N/C:N/I:P/A:C

Name of the Vulnerable Software and Affected Versions

Rockwell Automation EtherNet/IP products versions prior to the fixed version
Rockwell Automation 1756-ENBT, 1756-EWEB, 1768-ENBT, and 1768-EWEB communication modules versions prior to the fixed version
Rockwell Automation CompactLogix L32E and L35E controllers versions prior to the fixed version
Rockwell Automation 1788-ENBT FLEXLogix adapter versions prior to the fixed version
Rockwell Automation 1794-AENTR FLEX I/O EtherNet/IP adapter versions prior to the fixed version
Rockwell Automation ControlLogix versions 18 and earlier
Rockwell Automation CompactLogix versions 18 and earlier
Rockwell Automation GuardLogix versions 18 and earlier
Rockwell Automation SoftLogix versions 18 and earlier
Rockwell Automation CompactLogix controllers versions 19 and earlier
Rockwell Automation SoftLogix controllers versions 19 and earlier
Rockwell Automation ControlLogix controllers versions 20 and earlier
Rockwell Automation GuardLogix controllers versions 20 and earlier
Rockwell Automation MicroLogix 1100 and 1400 versions prior to the fixed version

Description

The issue allows remote attackers to cause a denial of service, resulting in control and communication outage, via a CIP message that modifies the configuration or network parameters.

Recommendations

For Rockwell Automation EtherNet/IP products, update to a version that contains a fix for this issue.
For Rockwell Automation 1756-ENBT, 1756-EWEB, 1768-ENBT, and 1768-EWEB communication modules, update to a version that contains a fix for this issue.
For Rockwell Automation CompactLogix L32E and L35E controllers, update to a version that contains a fix for this issue.
For Rockwell Automation 1788-ENBT FLEXLogix adapter, update to a version that contains a fix for this issue.
For Rockwell Automation 1794-AENTR FLEX I/O EtherNet/IP adapter, update to a version that contains a fix for this issue.
For Rockwell Automation ControlLogix versions 18 and earlier, update to a version later than 18.
For Rockwell Automation CompactLogix versions 18 and earlier, update to a version later than 18.
For Rockwell Automation GuardLogix versions 18 and earlier, update to a version later than 18.
For Rockwell Automation SoftLogix versions 18 and earlier, update to a version later than 18.
For Rockwell Automation CompactLogix controllers versions 19 and earlier, update to a version later than 19.
For Rockwell Automation SoftLogix controllers versions 19 and earlier, update to a version later than 19.
For Rockwell Automation ControlLogix controllers versions 20 and earlier, update to a version later than 20.
For Rockwell Automation GuardLogix controllers versions 20 and earlier, update to a version later than 20.
For Rockwell Automation MicroLogix 1100 and 1400, update to a version that contains a fix for this issue.

Fix

DoS

Improper Access Control

Weakness Enumeration

Related Identifiers

CVE-2012-6439

Affected Products

1756-ENBT
1756-EWEB
1768-ENBT
1768-EWEB
1788-ENBT FLEXLogix
1794-AENTR FLEX I/O
CompactLogix
CompactLogix L32E
CompactLogix L35E
ControlLogix
EtherNet/IP
GuardLogix
MicroLogix 1100
MicroLogix 1400
SoftLogix