Details of VAR-201204-0174

ID

VAR-201204-0174

CVE

CVE-2012-0222

TITLE

Rockwell Automation Allen-Bradley FactoryTalk Buffer Overflow Vulnerability

Trust: 1.6

sources: IVD: 7d70a8d0-463f-11e9-be91-000c29342cb1 // IVD: f9f79006-2353-11e6-abef-000c29c66e3d // CNVD: CNVD-2012-8874 // CNNVD: CNNVD-201204-004

DESCRIPTION

The FactoryTalk (FT) RNADiagReceiver service in Rockwell Automation Allen-Bradley FactoryTalk CPR9 through SR5 and RSLogix 5000 17 through 20 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted packet. Rockwell Automation is a provider of industrial automation, control and information technology solutions. Rockwell Automation FactoryTalk Activation Server RNADiagReceiver has errors in processing packets. Submitting a packet containing more than 2000 bytes to UDP port 4445 can result in no subsequent connections. An attacker can exploit these issues to crash the affected application, denying service to legitimate users

Trust: 3.96

sources: NVD: CVE-2012-0222 // JVNDB: JVNDB-2012-001983 // CNVD: CNVD-2012-0190 // CNVD: CNVD-2012-0189 // CNVD: CNVD-2012-8874 // BID: 51444 // IVD: 7d70a8d0-463f-11e9-be91-000c29342cb1 // IVD: f9f79006-2353-11e6-abef-000c29c66e3d // VULHUB: VHN-53503

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 2.2

sources: IVD: 7d70a8d0-463f-11e9-be91-000c29342cb1 // IVD: f9f79006-2353-11e6-abef-000c29c66e3d // CNVD: CNVD-2012-0190 // CNVD: CNVD-2012-0189 // CNVD: CNVD-2012-8874

AFFECTED PRODUCTS

vendor:	rockwellautomation	model:	factorytalk	scope:	eq	version:	cpr9	Trust: 1.6
vendor:	rockwellautomation	model:	rslogix 5000	scope:	eq	version:	18	Trust: 1.6
vendor:	rockwellautomation	model:	rslogix 5000	scope:	eq	version:	20	Trust: 1.6
vendor:	rockwellautomation	model:	rslogix 5000	scope:	eq	version:	17	Trust: 1.6
vendor:	rockwellautomation	model:	factorytalk	scope:	eq	version:	cpr9_sr5	Trust: 1.6
vendor:	rockwellautomation	model:	rslogix 5000	scope:	eq	version:	19	Trust: 1.6
vendor:	rockwall	model:	automation rslogix	scope:	eq	version:	500018	Trust: 1.5
vendor:	rockwall	model:	automation rslogix	scope:	eq	version:	500019	Trust: 1.5
vendor:	rockwall	model:	automation rslogix	scope:	eq	version:	500017	Trust: 1.5
vendor:	rockwall	model:	automation factorytalk activation server	scope:	eq	version:	3.2	Trust: 1.5
vendor:	rockwell automation	model:	factorytalk	scope:	eq	version:	cpr9 to sr5	Trust: 0.8
vendor:	rockwell automation	model:	rslogix 5000	scope:	eq	version:	17 to 20	Trust: 0.8
vendor:	no	model:	-	scope:	-	version:	-	Trust: 0.6
vendor:	factorytalk	model:	cpr9	scope:	-	version:	-	Trust: 0.4
vendor:	factorytalk	model:	cpr9 sr5	scope:	-	version:	-	Trust: 0.4
vendor:	rslogix 5000	model:	-	scope:	eq	version:	17	Trust: 0.4
vendor:	rslogix 5000	model:	-	scope:	eq	version:	18	Trust: 0.4
vendor:	rslogix 5000	model:	-	scope:	eq	version:	19	Trust: 0.4
vendor:	rslogix 5000	model:	-	scope:	eq	version:	20	Trust: 0.4
vendor:	rockwall	model:	automation factorytalk cpr9-sr5	scope:	-	version:	-	Trust: 0.3
vendor:	rockwall	model:	automation factorytalk cpr9-sr4	scope:	-	version:	-	Trust: 0.3
vendor:	rockwall	model:	automation factorytalk cpr9-sr3	scope:	-	version:	-	Trust: 0.3
vendor:	rockwall	model:	automation factorytalk cpr9-sr2	scope:	-	version:	-	Trust: 0.3
vendor:	rockwall	model:	automation factorytalk cpr9-sr1	scope:	-	version:	-	Trust: 0.3
vendor:	rockwall	model:	automation factorytalk cpr9	scope:	-	version:	-	Trust: 0.3
vendor:	rockwall	model:	automation factorytalk	scope:	eq	version:	0	Trust: 0.3

sources: IVD: 7d70a8d0-463f-11e9-be91-000c29342cb1 // IVD: f9f79006-2353-11e6-abef-000c29c66e3d // CNVD: CNVD-2012-0190 // CNVD: CNVD-2012-0189 // CNVD: CNVD-2012-8874 // BID: 51444 // JVNDB: JVNDB-2012-001983 // CNNVD: CNNVD-201204-004 // NVD: CVE-2012-0222

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2012-0222
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2012-0222
value:	MEDIUM
Trust: 0.8
CNVD:	CNVD-2012-8874
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-201204-004
value:	MEDIUM
Trust: 0.6
IVD:	7d70a8d0-463f-11e9-be91-000c29342cb1
value:	MEDIUM
Trust: 0.2
IVD:	f9f79006-2353-11e6-abef-000c29c66e3d
value:	MEDIUM
Trust: 0.2
VULHUB:	VHN-53503
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2012-0222
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2012-8874
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
IVD:	7d70a8d0-463f-11e9-be91-000c29342cb1
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2
IVD:	f9f79006-2353-11e6-abef-000c29c66e3d
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2
VULHUB:	VHN-53503
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: IVD: 7d70a8d0-463f-11e9-be91-000c29342cb1 // IVD: f9f79006-2353-11e6-abef-000c29c66e3d // CNVD: CNVD-2012-8874 // VULHUB: VHN-53503 // JVNDB: JVNDB-2012-001983 // CNNVD: CNNVD-201204-004 // NVD: CVE-2012-0222

PROBLEMTYPE DATA

problemtype:

CWE-119

Trust: 1.9

sources: VULHUB: VHN-53503 // JVNDB: JVNDB-2012-001983 // NVD: CVE-2012-0222

THREAT TYPE

remote

Trust: 1.2

sources: CNNVD: CNNVD-201201-287 // CNNVD: CNNVD-201204-004

TYPE

Buffer overflow

Trust: 1.0

sources: IVD: 7d70a8d0-463f-11e9-be91-000c29342cb1 // IVD: f9f79006-2353-11e6-abef-000c29c66e3d // CNNVD: CNNVD-201204-004

CONFIGURATIONS

sources: JVNDB: JVNDB-2012-001983

PATCH

title:	RSLogix 5000	url:	http://www.rockwellautomation.com/rockwellsoftware/design/rslogix5000/	Trust: 0.8
title:	FactoryTalk	url:	http://www.rockwellautomation.com/rockwellsoftware/factorytalk/	Trust: 0.8
title:	Patch for Rockwell Automation Allen-Bradley FactoryTalk Buffer Overflow Vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/36064	Trust: 0.6

sources: CNVD: CNVD-2012-8874 // JVNDB: JVNDB-2012-001983

EXTERNAL IDS

db:	NVD	id:	CVE-2012-0222	Trust: 3.8
db:	ICS CERT	id:	ICSA-12-088-01	Trust: 3.4
db:	BID	id:	51444	Trust: 2.1
db:	CNNVD	id:	CNNVD-201204-004	Trust: 1.1
db:	ICS CERT ALERT	id:	ICS-ALERT-12-017-01	Trust: 1.1
db:	CNVD	id:	CNVD-2012-8874	Trust: 1.0
db:	JVNDB	id:	JVNDB-2012-001983	Trust: 0.8
db:	CNVD	id:	CNVD-2012-0190	Trust: 0.6
db:	CNVD	id:	CNVD-2012-0189	Trust: 0.6
db:	CNNVD	id:	CNNVD-201201-287	Trust: 0.6
db:	IVD	id:	7D70A8D0-463F-11E9-BE91-000C29342CB1	Trust: 0.2
db:	IVD	id:	F9F79006-2353-11E6-ABEF-000C29C66E3D	Trust: 0.2
db:	VULHUB	id:	VHN-53503	Trust: 0.1

sources: IVD: 7d70a8d0-463f-11e9-be91-000c29342cb1 // IVD: f9f79006-2353-11e6-abef-000c29c66e3d // CNVD: CNVD-2012-0190 // CNVD: CNVD-2012-0189 // CNVD: CNVD-2012-8874 // VULHUB: VHN-53503 // BID: 51444 // JVNDB: JVNDB-2012-001983 // CNNVD: CNNVD-201201-287 // CNNVD: CNNVD-201204-004 // NVD: CVE-2012-0222

REFERENCES

url:	http://www.us-cert.gov/control_systems/pdf/icsa-12-088-01.pdf	Trust: 2.8
url:	http://rockwellautomation.custhelp.com/app/answers/detail/a_id/469937	Trust: 1.7
url:	http://aluigi.altervista.org/adv/rnadiagreceiver_1-adv.txt	Trust: 1.5
url:	http://www.us-cert.gov/control_systems/pdf/ics-alert-12-017-01.pdf	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-0222	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-0222	Trust: 0.8
url:	http://ics-cert.us-cert.gov/advisories/icsa-12-088-01	Trust: 0.6
url:	http://www.securityfocus.com/bid/51444	Trust: 0.6
url:	http://www.rockwellautomation.com/	Trust: 0.3

sources: CNVD: CNVD-2012-0190 // CNVD: CNVD-2012-0189 // CNVD: CNVD-2012-8874 // VULHUB: VHN-53503 // BID: 51444 // JVNDB: JVNDB-2012-001983 // CNNVD: CNNVD-201201-287 // CNNVD: CNNVD-201204-004 // NVD: CVE-2012-0222

CREDITS

Luigi Auriemma

Trust: 0.9

sources: BID: 51444 // CNNVD: CNNVD-201201-287

SOURCES

db:	IVD	id:	7d70a8d0-463f-11e9-be91-000c29342cb1
db:	IVD	id:	f9f79006-2353-11e6-abef-000c29c66e3d
db:	CNVD	id:	CNVD-2012-0190
db:	CNVD	id:	CNVD-2012-0189
db:	CNVD	id:	CNVD-2012-8874
db:	VULHUB	id:	VHN-53503
db:	BID	id:	51444
db:	JVNDB	id:	JVNDB-2012-001983
db:	CNNVD	id:	CNNVD-201201-287
db:	CNNVD	id:	CNNVD-201204-004
db:	NVD	id:	CVE-2012-0222

LAST UPDATE DATE

2024-08-14T14:28:13.014000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2012-0190	date:	2012-01-19T00:00:00
db:	CNVD	id:	CNVD-2012-0189	date:	2012-01-19T00:00:00
db:	CNVD	id:	CNVD-2012-8874	date:	2012-04-05T00:00:00
db:	VULHUB	id:	VHN-53503	date:	2012-04-03T00:00:00
db:	BID	id:	51444	date:	2012-03-28T22:10:00
db:	JVNDB	id:	JVNDB-2012-001983	date:	2012-04-04T00:00:00
db:	CNNVD	id:	CNNVD-201201-287	date:	2012-01-30T00:00:00
db:	CNNVD	id:	CNNVD-201204-004	date:	2012-04-05T00:00:00
db:	NVD	id:	CVE-2012-0222	date:	2012-04-03T04:00:00

SOURCES RELEASE DATE

db:	IVD	id:	7d70a8d0-463f-11e9-be91-000c29342cb1	date:	2012-04-05T00:00:00
db:	IVD	id:	f9f79006-2353-11e6-abef-000c29c66e3d	date:	2012-04-05T00:00:00
db:	CNVD	id:	CNVD-2012-0190	date:	2012-01-19T00:00:00
db:	CNVD	id:	CNVD-2012-0189	date:	2012-01-19T00:00:00
db:	CNVD	id:	CNVD-2012-8874	date:	2012-04-05T00:00:00
db:	VULHUB	id:	VHN-53503	date:	2012-04-02T00:00:00
db:	BID	id:	51444	date:	2012-01-17T00:00:00
db:	JVNDB	id:	JVNDB-2012-001983	date:	2012-04-04T00:00:00
db:	CNNVD	id:	CNNVD-201201-287	date:	1900-01-01T00:00:00
db:	CNNVD	id:	CNNVD-201204-004	date:	2012-04-05T00:00:00
db:	NVD	id:	CVE-2012-0222	date:	2012-04-02T18:55:01.090