ID

VAR-201204-0174


CVE

CVE-2012-0222


TITLE

Rockwell Automation Allen-Bradley FactoryTalk Buffer Overflow Vulnerability

Trust: 1.6

sources: IVD: 7d70a8d0-463f-11e9-be91-000c29342cb1 // IVD: f9f79006-2353-11e6-abef-000c29c66e3d // CNVD: CNVD-2012-8874 // CNNVD: CNNVD-201204-004

DESCRIPTION

The FactoryTalk (FT) RNADiagReceiver service in Rockwell Automation Allen-Bradley FactoryTalk CPR9 through SR5 and RSLogix 5000 17 through 20 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted packet. Rockwell Automation is a provider of industrial automation, control and information technology solutions. Rockwell Automation FactoryTalk Activation Server RNADiagReceiver has errors in processing packets. Submitting a packet containing more than 2000 bytes to UDP port 4445 can result in no subsequent connections. An attacker can exploit these issues to crash the affected application, denying service to legitimate users

Trust: 3.96

sources: NVD: CVE-2012-0222 // JVNDB: JVNDB-2012-001983 // CNVD: CNVD-2012-0190 // CNVD: CNVD-2012-0189 // CNVD: CNVD-2012-8874 // BID: 51444 // IVD: 7d70a8d0-463f-11e9-be91-000c29342cb1 // IVD: f9f79006-2353-11e6-abef-000c29c66e3d // VULHUB: VHN-53503

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 2.2

sources: IVD: 7d70a8d0-463f-11e9-be91-000c29342cb1 // IVD: f9f79006-2353-11e6-abef-000c29c66e3d // CNVD: CNVD-2012-0190 // CNVD: CNVD-2012-0189 // CNVD: CNVD-2012-8874

AFFECTED PRODUCTS

vendor:rockwellautomationmodel:factorytalkscope:eqversion:cpr9

Trust: 1.6

vendor:rockwellautomationmodel:rslogix 5000scope:eqversion:18

Trust: 1.6

vendor:rockwellautomationmodel:rslogix 5000scope:eqversion:20

Trust: 1.6

vendor:rockwellautomationmodel:rslogix 5000scope:eqversion:17

Trust: 1.6

vendor:rockwellautomationmodel:factorytalkscope:eqversion:cpr9_sr5

Trust: 1.6

vendor:rockwellautomationmodel:rslogix 5000scope:eqversion:19

Trust: 1.6

vendor:rockwallmodel:automation rslogixscope:eqversion:500018

Trust: 1.5

vendor:rockwallmodel:automation rslogixscope:eqversion:500019

Trust: 1.5

vendor:rockwallmodel:automation rslogixscope:eqversion:500017

Trust: 1.5

vendor:rockwallmodel:automation factorytalk activation serverscope:eqversion:3.2

Trust: 1.5

vendor:rockwell automationmodel:factorytalkscope:eqversion:cpr9 to sr5

Trust: 0.8

vendor:rockwell automationmodel:rslogix 5000scope:eqversion:17 to 20

Trust: 0.8

vendor:nomodel: - scope: - version: -

Trust: 0.6

vendor:factorytalkmodel:cpr9scope: - version: -

Trust: 0.4

vendor:factorytalkmodel:cpr9 sr5scope: - version: -

Trust: 0.4

vendor:rslogix 5000model: - scope:eqversion:17

Trust: 0.4

vendor:rslogix 5000model: - scope:eqversion:18

Trust: 0.4

vendor:rslogix 5000model: - scope:eqversion:19

Trust: 0.4

vendor:rslogix 5000model: - scope:eqversion:20

Trust: 0.4

vendor:rockwallmodel:automation factorytalk cpr9-sr5scope: - version: -

Trust: 0.3

vendor:rockwallmodel:automation factorytalk cpr9-sr4scope: - version: -

Trust: 0.3

vendor:rockwallmodel:automation factorytalk cpr9-sr3scope: - version: -

Trust: 0.3

vendor:rockwallmodel:automation factorytalk cpr9-sr2scope: - version: -

Trust: 0.3

vendor:rockwallmodel:automation factorytalk cpr9-sr1scope: - version: -

Trust: 0.3

vendor:rockwallmodel:automation factorytalk cpr9scope: - version: -

Trust: 0.3

vendor:rockwallmodel:automation factorytalkscope:eqversion:0

Trust: 0.3

sources: IVD: 7d70a8d0-463f-11e9-be91-000c29342cb1 // IVD: f9f79006-2353-11e6-abef-000c29c66e3d // CNVD: CNVD-2012-0190 // CNVD: CNVD-2012-0189 // CNVD: CNVD-2012-8874 // BID: 51444 // JVNDB: JVNDB-2012-001983 // CNNVD: CNNVD-201204-004 // NVD: CVE-2012-0222

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2012-0222
value: MEDIUM

Trust: 1.0

NVD: CVE-2012-0222
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2012-8874
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201204-004
value: MEDIUM

Trust: 0.6

IVD: 7d70a8d0-463f-11e9-be91-000c29342cb1
value: MEDIUM

Trust: 0.2

IVD: f9f79006-2353-11e6-abef-000c29c66e3d
value: MEDIUM

Trust: 0.2

VULHUB: VHN-53503
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2012-0222
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2012-8874
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: 7d70a8d0-463f-11e9-be91-000c29342cb1
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

IVD: f9f79006-2353-11e6-abef-000c29c66e3d
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

VULHUB: VHN-53503
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: IVD: 7d70a8d0-463f-11e9-be91-000c29342cb1 // IVD: f9f79006-2353-11e6-abef-000c29c66e3d // CNVD: CNVD-2012-8874 // VULHUB: VHN-53503 // JVNDB: JVNDB-2012-001983 // CNNVD: CNNVD-201204-004 // NVD: CVE-2012-0222

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.9

sources: VULHUB: VHN-53503 // JVNDB: JVNDB-2012-001983 // NVD: CVE-2012-0222

THREAT TYPE

remote

Trust: 1.2

sources: CNNVD: CNNVD-201201-287 // CNNVD: CNNVD-201204-004

TYPE

Buffer overflow

Trust: 1.0

sources: IVD: 7d70a8d0-463f-11e9-be91-000c29342cb1 // IVD: f9f79006-2353-11e6-abef-000c29c66e3d // CNNVD: CNNVD-201204-004

CONFIGURATIONS

sources: JVNDB: JVNDB-2012-001983

PATCH

title:RSLogix 5000url:http://www.rockwellautomation.com/rockwellsoftware/design/rslogix5000/

Trust: 0.8

title:FactoryTalkurl:http://www.rockwellautomation.com/rockwellsoftware/factorytalk/

Trust: 0.8

title:Patch for Rockwell Automation Allen-Bradley FactoryTalk Buffer Overflow Vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/36064

Trust: 0.6

sources: CNVD: CNVD-2012-8874 // JVNDB: JVNDB-2012-001983

EXTERNAL IDS

db:NVDid:CVE-2012-0222

Trust: 3.8

db:ICS CERTid:ICSA-12-088-01

Trust: 3.4

db:BIDid:51444

Trust: 2.1

db:CNNVDid:CNNVD-201204-004

Trust: 1.1

db:ICS CERT ALERTid:ICS-ALERT-12-017-01

Trust: 1.1

db:CNVDid:CNVD-2012-8874

Trust: 1.0

db:JVNDBid:JVNDB-2012-001983

Trust: 0.8

db:CNVDid:CNVD-2012-0190

Trust: 0.6

db:CNVDid:CNVD-2012-0189

Trust: 0.6

db:CNNVDid:CNNVD-201201-287

Trust: 0.6

db:IVDid:7D70A8D0-463F-11E9-BE91-000C29342CB1

Trust: 0.2

db:IVDid:F9F79006-2353-11E6-ABEF-000C29C66E3D

Trust: 0.2

db:VULHUBid:VHN-53503

Trust: 0.1

sources: IVD: 7d70a8d0-463f-11e9-be91-000c29342cb1 // IVD: f9f79006-2353-11e6-abef-000c29c66e3d // CNVD: CNVD-2012-0190 // CNVD: CNVD-2012-0189 // CNVD: CNVD-2012-8874 // VULHUB: VHN-53503 // BID: 51444 // JVNDB: JVNDB-2012-001983 // CNNVD: CNNVD-201201-287 // CNNVD: CNNVD-201204-004 // NVD: CVE-2012-0222

REFERENCES

url:http://www.us-cert.gov/control_systems/pdf/icsa-12-088-01.pdf

Trust: 2.8

url:http://rockwellautomation.custhelp.com/app/answers/detail/a_id/469937

Trust: 1.7

url:http://aluigi.altervista.org/adv/rnadiagreceiver_1-adv.txt

Trust: 1.5

url:http://www.us-cert.gov/control_systems/pdf/ics-alert-12-017-01.pdf

Trust: 1.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-0222

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-0222

Trust: 0.8

url:http://ics-cert.us-cert.gov/advisories/icsa-12-088-01

Trust: 0.6

url:http://www.securityfocus.com/bid/51444

Trust: 0.6

url:http://www.rockwellautomation.com/

Trust: 0.3

sources: CNVD: CNVD-2012-0190 // CNVD: CNVD-2012-0189 // CNVD: CNVD-2012-8874 // VULHUB: VHN-53503 // BID: 51444 // JVNDB: JVNDB-2012-001983 // CNNVD: CNNVD-201201-287 // CNNVD: CNNVD-201204-004 // NVD: CVE-2012-0222

CREDITS

Luigi Auriemma

Trust: 0.9

sources: BID: 51444 // CNNVD: CNNVD-201201-287

SOURCES

db:IVDid:7d70a8d0-463f-11e9-be91-000c29342cb1
db:IVDid:f9f79006-2353-11e6-abef-000c29c66e3d
db:CNVDid:CNVD-2012-0190
db:CNVDid:CNVD-2012-0189
db:CNVDid:CNVD-2012-8874
db:VULHUBid:VHN-53503
db:BIDid:51444
db:JVNDBid:JVNDB-2012-001983
db:CNNVDid:CNNVD-201201-287
db:CNNVDid:CNNVD-201204-004
db:NVDid:CVE-2012-0222

LAST UPDATE DATE

2024-08-14T14:28:13.014000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2012-0190date:2012-01-19T00:00:00
db:CNVDid:CNVD-2012-0189date:2012-01-19T00:00:00
db:CNVDid:CNVD-2012-8874date:2012-04-05T00:00:00
db:VULHUBid:VHN-53503date:2012-04-03T00:00:00
db:BIDid:51444date:2012-03-28T22:10:00
db:JVNDBid:JVNDB-2012-001983date:2012-04-04T00:00:00
db:CNNVDid:CNNVD-201201-287date:2012-01-30T00:00:00
db:CNNVDid:CNNVD-201204-004date:2012-04-05T00:00:00
db:NVDid:CVE-2012-0222date:2012-04-03T04:00:00

SOURCES RELEASE DATE

db:IVDid:7d70a8d0-463f-11e9-be91-000c29342cb1date:2012-04-05T00:00:00
db:IVDid:f9f79006-2353-11e6-abef-000c29c66e3ddate:2012-04-05T00:00:00
db:CNVDid:CNVD-2012-0190date:2012-01-19T00:00:00
db:CNVDid:CNVD-2012-0189date:2012-01-19T00:00:00
db:CNVDid:CNVD-2012-8874date:2012-04-05T00:00:00
db:VULHUBid:VHN-53503date:2012-04-02T00:00:00
db:BIDid:51444date:2012-01-17T00:00:00
db:JVNDBid:JVNDB-2012-001983date:2012-04-04T00:00:00
db:CNNVDid:CNNVD-201201-287date:1900-01-01T00:00:00
db:CNNVDid:CNNVD-201204-004date:2012-04-05T00:00:00
db:NVDid:CVE-2012-0222date:2012-04-02T18:55:01.090