← Back

CVE-2012-0221

nvd nist
Published: Apr 2, 2012Modified: Apr 29, 2026

JSON object

Loading...
5.0
Vector
AV:N/AC:L/Au:N/C:N/I:N/A:P
Exploitability: 10.0 / Impact: 2.9
Source: NVD

Description

The FactoryTalk (FT) RNADiagReceiver service in Rockwell Automation Allen-Bradley FactoryTalk CPR9 through SR5 and RSLogix 5000 17 through 20 does not properly handle the return value from an unspecified function, which allows remote attackers to cause a denial of service (service outage) via a crafted packet.

Affected (6)

Rockwellautomation
2 products
Factorytalk
Rslogix 5000
Configuration A
6 vulnerable
Vulnerable SoftwareAffected Versions
Factorytalk
Version cpr9
Factorytalk
Version cpr9_sr5
Rslogix 5000
Version 17
Rslogix 5000
Version 18
Rslogix 5000
Version 19
Rslogix 5000
Version 20

Related CWEs

CWE-20
Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (4)

Source: cret@cert.org
Source: cret@cert.org
US Government Resource
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
US Government Resource

Timeline

No history available yet.