CVE-2012-0221
Rockwell Automation FactoryTalk - Improper Input Validation
Title source: ruleDescription
The FactoryTalk (FT) RNADiagReceiver service in Rockwell Automation Allen-Bradley FactoryTalk CPR9 through SR5 and RSLogix 5000 17 through 20 does not properly handle the return value from an unspecified function, which allows remote attackers to cause a denial of service (service outage) via a crafted packet.
Exploits (1)
exploitdb (WRITEUP, VERIFIED) by Luigi Auriemma · text · dos · multiple
https://www.exploit-db.com/exploits/36570
References (2)
Core References
Various Sources (x_refsource_misc): http://rockwellautomation.custhelp.com/app/answers/detail/a_id/469937
US Government Resource (x_refsource_misc): http://www.us-cert.gov/control_systems/pdf/ICSA-12-088-01.pdf
Scores
EPSS: 0.0084
EPSS Percentile: 74.8%
Details
CWE: CWE-20
Status: published
Products (6)
rockwellautomation/factorytalk: cpr9
rockwellautomation/factorytalk: cpr9_sr5
rockwellautomation/rslogix_5000: 17
rockwellautomation/rslogix_5000: 18
rockwellautomation/rslogix_5000: 19
rockwellautomation/rslogix_5000: 20
Published: Apr 02, 2012
Tracked Since: Feb 18, 2026