CVSS: 5.0EPSS: 77%CPEs: 6EXPL: 1CVE-2012-0221 – Rockwell Automation FactoryTalk Activation Server - Multiple Denial of Service Vulnerabilities
https://notcve.org/view.php?id=CVE-2012-0221
The FactoryTalk (FT) RNADiagReceiver service in Rockwell Automation Allen-Bradley FactoryTalk CPR9 through SR5 and RSLogix 5000 17 through 20 does not properly handle the return value from an unspecified function, which allows remote attackers to cause a denial of service (service outage) via a crafted packet. El servicio FactoryTalk (FT) RNADiagReceiver en Rockwell Automation Allen-Bradley FactoryTalk CPR9 hasta SR5 y RSLogix 5000 17 hasta 20 no gestiona de forma adecuada el valor de retorno de una función específica, lo que permite a atacantes remotos provocar una denegación de servicio (corte de servicio) a través de un paquete manipulado. • https://www.exploit-db.com/exploits/36570 http://rockwellautomation.custhelp.com/app/answers/detail/a_id/469937 http://www.us-cert.gov/control_systems/pdf/ICSA-12-088-01.pdf • CWE-20: Improper Input Validation •
CVSS: 6.9EPSS: 0%CPEs: 3EXPL: 0CVE-2011-2957
https://notcve.org/view.php?id=CVE-2011-2957
Unspecified vulnerability in Rockwell Automation FactoryTalk Diagnostics Viewer before V2.30.00 (CPR9 SR3) allows local users to execute arbitrary code via a crafted FactoryTalk Diagnostics Viewer (.ftd) configuration file, which triggers memory corruption. Vulnerabilidad no especificada en Rockwell Automation FactoryTalk Diagnostics Viewer antes de V2.30.00 (CPR9 SR3), permite a usuarios locales ejecutar código de su elección a través de un archivo de configuración elaborado visor de FactoryTalk Diagnostics FactoryTalk Diagnostics Viewer (.ftd) manipulado que provoca corrupción de memoria. • http://rockwellautomation.custhelp.com/app/answers/detail/a_id/448424 http://www.securityfocus.com/bid/48962 http://www.us-cert.gov/control_systems/pdf/ICSA-11-175-01.pdf •