CVE-2012-4713

Published: Apr 18, 2013Modified: Apr 29, 2026

7.8

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Exploitability: 10.0 / Impact: 6.9

Source: NVD

Description

Integer signedness error in RNADiagnostics.dll in Rockwell Automation FactoryTalk Services Platform (FTSP) CPR9, CPR9-SR1, CPR9-SR2, CPR9-SR3, CPR9-SR4, CPR9-SR5, CPR9-SR5.1, and CPR9-SR6 allows remote attackers to cause a denial of service (service outage or RNADiagReceiver.exe daemon crash) via UDP data that specifies a negative integer value.

Affected (8)

Products: Rockwellautomation: Factorytalk Services Platform

Rockwellautomation

1 product

Factorytalk Services Platform

Configuration A

8 vulnerable

Vulnerable Software	Affected Versions
Rockwellautomation Factorytalk Services Platform	Version cpr9
Rockwellautomation Factorytalk Services Platform	Version cpr9 sr1
Rockwellautomation Factorytalk Services Platform	Version cpr9 sr2
Rockwellautomation Factorytalk Services Platform	Version cpr9 sr3
Rockwellautomation Factorytalk Services Platform	Version cpr9 sr4
Rockwellautomation Factorytalk Services Platform	Version cpr9 sr5.1
Rockwellautomation Factorytalk Services Platform	Version cpr9 sr5
Rockwellautomation Factorytalk Services Platform	Version cpr9 sr6

Related CWEs

CWE-189

References (4)

http://ics-cert.us-cert.gov/pdf/ICSA-13-095-02.pdf

Source: ics-cert@hq.dhs.gov

US Government Resource

https://rockwellautomation.custhelp.com/app/answers/detail/a_id/537599

Source: ics-cert@hq.dhs.gov

http://ics-cert.us-cert.gov/pdf/ICSA-13-095-02.pdf

Source: af854a3a-2127-422b-91ae-364da2661108

US Government Resource

https://rockwellautomation.custhelp.com/app/answers/detail/a_id/537599

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.