Rockwellautomation 1756-enbt
9 CVEs affecting Rockwellautomation 1756-enbt. Latest disclosed: 2018-12-07. Critical: 1, High: 5.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2012-6437 | Critical | 9.8 | 2013-01-24 | The device does not properly authenticate users and the potential exists for a remote user to upload a new firmware image to the Ethernet card, whether it is a… |
CVE-2018-17924 | High | 8.6 | 2018-12-07 | Rockwell Automation MicroLogix 1400 Controllers and 1756 ControlLogix Communications Modules An unauthenticated, remote threat actor could send a CIP connectio… |
CVE-2012-6442 | High | 7.5 | 2013-01-24 | When an affected product receives a valid CIP message from an unauthorized or unintended source to Port 2222/TCP, Port 2222/UDP, Port 44818/TCP, or Port 44818/… |
CVE-2012-6438 | High | 7.5 | 2013-01-24 | The device does not properly validate the data being sent to the buffer. An attacker can send a malformed CIP packet to Port 2222/TCP, Port 2222/UDP, Port 4481… |
CVE-2012-6436 | High | 7.5 | 2013-01-24 | The device does not properly validate the data being sent to the buffer. An attacker can send a malformed CIP packet to Port 2222/TCP, Port 2222/UDP, Port 4481… |
CVE-2012-6435 | High | 7.5 | 2013-01-24 | When an affected product receives a valid CIP message from an unauthorized or unintended source to Port 2222/TCP, Port 2222/UDP, Port 44818/TCP, or Port 44818/… |
CVE-2012-6440 | Medium | 4.8 | 2013-01-24 | The Web server password authentication mechanism used by the products is vulnerable to a MitM and Replay attack. Successful exploitation of this vulnerability… |
CVE-2012-6441 | | 2013-01-24 | An information exposure of confidential information results when the device receives a specially crafted CIP packet to Port 2222/TCP, Port 2222/UDP, Port 44818… | |
CVE-2012-6439 | | 2013-01-24 | When an affected product receives a valid CIP message from an unauthorized or unintended source to Port 2222/TCP, Port 2222/UDP, Port 44818/TCP, or Port 448… |