{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-17T13:05:00.393","vulnerabilities":[{"cve":{"id":"CVE-2012-6437","sourceIdentifier":"ics-cert@hq.dhs.gov","published":"2013-01-24T21:55:01.523","lastModified":"2025-06-30T22:15:28.747","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The device does not properly authenticate users and the potential exists for a remote user to upload a new firmware image to the Ethernet card, whether it is a corrupt or legitimate firmware image. Successful exploitation of this vulnerability could cause loss of availability, integrity, and confidentiality and a disruption in communications with other connected devices.\n\n\n\n\n\nRockwell Automation EtherNet/IP products; 1756-ENBT, 1756-EWEB, 1768-ENBT, and 1768-EWEB communication modules; CompactLogix L32E and L35E controllers; 1788-ENBT FLEXLogix adapter; 1794-AENTR FLEX I/O EtherNet/IP adapter; ControlLogix 18 and earlier; CompactLogix 18 and earlier; GuardLogix 18 and earlier; SoftLogix 18 and earlier; CompactLogix controllers 19 and earlier; SoftLogix controllers 19 and earlier; ControlLogix controllers 20 and earlier; GuardLogix controllers 20 and earlier; and MicroLogix 1100 and 1400"},{"lang":"es","value":"Rockwell Automation EtherNet/IP; productos 1756-ENBT, 1756-EWEB, 1768-ENBT y módulos de comunicación 1768-EWEB; CompactLogix L32E y L35E, 1788-ENBT adaptador FlexLogix; AENTR 1794-FLEX adaptador I/O EtherNet/IP; ControlLogix v18 y anteriores; CompactLogix 18 y anteriores; GuardLogix 18 y anteriores; SoftLogix v18 y anteriores; controladores CompactLogix v19 y anteriores; controladores SoftLogix v19 y anteriores; controladores ControlLogix v20 y anteriores, los controladores GuardLogix v20 y anteriores, y MicroLogix 1100 y 1400 no realizan correctamente la autenticación para actualizaciones de firmware Ethernet, lo que permite a atacantes remotos ejecutar código arbitrario a través de un troyano que  se hace pasar por una actualización."}],"metrics":{"cvssMetricV2":[{"source":"ics-cert@hq.dhs.gov","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:C/I:C/A:C","baseScore":10.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:C/I:C/A:C","baseScore":10.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"ics-cert@hq.dhs.gov","type":"Secondary","description":[{"lang":"en","value":"CWE-287"}]},{"source":"nvd@nist.gov","type":"Secondary","description":[{"lang":"en","value":"CWE-287"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:rockwellautomation:controllogix_controllers:*:*:*:*:*:*:*:*","versionEndIncluding":"20","matchCriteriaId":"37F4D4ED-1915-4155-9F0A-691771AA534B"},{"vulnerable":true,"criteria":"cpe:2.3:a:rockwellautomation:guardlogix_controllers:*:*:*:*:*:*:*:*","versionEndIncluding":"20","matchCriteriaId":"A2F8B5EE-C1BA-4CFB-B17F-C59BCDB41503"},{"vulnerable":true,"criteria":"cpe:2.3:a:rockwellautomation:micrologix:*:*:*:*:*:*:*:*","versionEndIncluding":"1100","matchCriteriaId":"DE554CCC-0A46-43D4-8D7D-44200BB7D314"},{"vulnerable":true,"criteria":"cpe:2.3:a:rockwellautomation:micrologix:*:*:*:*:*:*:*:*","versionEndIncluding":"1400","matchCriteriaId":"8D3B4218-4483-4FAE-9915-8937F40AED27"},{"vulnerable":true,"criteria":"cpe:2.3:a:rockwellautomation:softlogix_controllers:*:*:*:*:*:*:*:*","versionEndIncluding":"19","matchCriteriaId":"FE7219A5-4759-4143-B89F-869D49CAAFF7"},{"vulnerable":true,"criteria":"cpe:2.3:h:rockwellautomation:1756-enbt:-:*:*:*:*:*:*:*","matchCriteriaId":"330E9A05-C869-41B1-BB28-FD2A7C7ED0CE"},{"vulnerable":true,"criteria":"cpe:2.3:h:rockwellautomation:1756-eweb:-:*:*:*:*:*:*:*","matchCriteriaId":"2AD7D5DB-4A49-421A-8C6C-B9E6DA0A499B"},{"vulnerable":true,"criteria":"cpe:2.3:h:rockwellautomation:1768-enbt:-:*:*:*:*:*:*:*","matchCriteriaId":"DD44B55C-BDD7-41CC-91A9-F31ED2FC69E2"},{"vulnerable":true,"criteria":"cpe:2.3:h:rockwellautomation:1768-eweb:-:*:*:*:*:*:*:*","matchCriteriaId":"C91D5245-DED2-469C-A800-62109F8159C9"},{"vulnerable":true,"criteria":"cpe:2.3:h:rockwellautomation:1794-aentr_flex_i\\/o_ethernet\\/ip_adapter:-:*:*:*:*:*:*:*","matchCriteriaId":"0BD25E6B-6AE1-4B8C-A086-F5E152CAAA60"},{"vulnerable":true,"criteria":"cpe:2.3:h:rockwellautomation:compactlogix:*:*:*:*:*:*:*:*","versionEndIncluding":"18","matchCriteriaId":"AA199887-E8F7-48EE-B1E0-9EF2E439DACE"},{"vulnerable":true,"criteria":"cpe:2.3:h:rockwellautomation:compactlogix_controllers:*:*:*:*:*:*:*:*","versionEndIncluding":"19","matchCriteriaId":"A763D845-B091-47A4-8A29-A1CD19C1E4F2"},{"vulnerable":true,"criteria":"cpe:2.3:h:rockwellautomation:compactlogix_l32e_controller:-:*:*:*:*:*:*:*","matchCriteriaId":"19B8ED27-2512-4A42-973C-99D300963046"},{"vulnerable":true,"criteria":"cpe:2.3:h:rockwellautomation:compactlogix_l35e_controller:-:*:*:*:*:*:*:*","matchCriteriaId":"7EFC590C-01C1-48D1-A5BE-0F70BE7F36B9"},{"vulnerable":true,"criteria":"cpe:2.3:h:rockwellautomation:controllogix:*:*:*:*:*:*:*:*","versionEndIncluding":"18","matchCriteriaId":"4FE24B9B-9F7D-4D8F-A674-F04FC9F9F8BC"},{"vulnerable":true,"criteria":"cpe:2.3:h:rockwellautomation:flexlogix_1788-enbt_adapter:-:*:*:*:*:*:*:*","matchCriteriaId":"887A3369-548C-42B0-82C5-92CB161D3B7A"},{"vulnerable":true,"criteria":"cpe:2.3:h:rockwellautomation:guardlogix:*:*:*:*:*:*:*:*","versionEndIncluding":"18","matchCriteriaId":"E98626DD-BC79-473E-B25F-92C9BA12F6DD"},{"vulnerable":true,"criteria":"cpe:2.3:h:rockwellautomation:softlogix:*:*:*:*:*:*:*:*","versionEndIncluding":"18","matchCriteriaId":"D83AF504-2845-4022-BA8E-52F4FB773EA4"}]}]}],"references":[{"url":"http://rockwellautomation.custhelp.com/app/answers/detail/a_id/54102","source":"ics-cert@hq.dhs.gov"},{"url":"https://rockwellautomation.custhelp.com/app/answers/detail/a_id/470154","source":"ics-cert@hq.dhs.gov"},{"url":"https://rockwellautomation.custhelp.com/app/answers/detail/aid/470155","source":"ics-cert@hq.dhs.gov"},{"url":"https://rockwellautomation.custhelp.com/app/answers/detail/aid/470156","source":"ics-cert@hq.dhs.gov"},{"url":"https://www.cisa.gov/news-events/ics-advisories/icsa-13-011-03","source":"ics-cert@hq.dhs.gov"},{"url":"http://www.us-cert.gov/control_systems/pdf/ICSA-13-011-03.pdf","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["US Government Resource"]}]}}]}