CVE-2012-6441

CVE-2012-6441 is a medium-severity vulnerability in Rockwellautomation Controllogix Controllers with a CVSS 2.0 base score of 5.0. Its EPSS exploit-prediction score of 54% places it in the 99th percentile, indicating an elevated likelihood of exploitation. The underlying weakness is classified as CWE-200.

Key facts

Description

An information exposure of confidential information results when the device receives a specially crafted CIP packet to Port 2222/TCP, Port 2222/UDP, Port 44818/TCP, or Port 44818/UDP. Successful exploitation of this vulnerability could cause loss of confidentiality. Rockwell Automation EtherNet/IP products; 1756-ENBT, 1756-EWEB, 1768-ENBT, and 1768-EWEB communication modules; CompactLogix L32E and L35E controllers; 1788-ENBT FLEXLogix adapter; 1794-AENTR FLEX I/O EtherNet/IP adapter; ControlLogix 18 and earlier; CompactLogix 18 and earlier; GuardLogix 18 and earlier; SoftLogix 18 and earlier; CompactLogix controllers 19 and earlier; SoftLogix controllers 19 and earlier; ControlLogix controllers 20 and earlier; GuardLogix controllers 20 and earlier; and MicroLogix 1100 and 1400

Frequently asked questions

What is CVE-2012-6441?
An information exposure of confidential information results when the device receives a specially crafted CIP packet to Port 2222/TCP, Port 2222/UDP, Port 44818/TCP, or Port 44818/UDP. Successful exploitation of this vulnerability could cause loss of confidentiality. Rockwell Automation EtherNet/IP products; 1756-ENBT, 1756-EWEB, 1768-ENBT, and 1768-EWEB communication modules; CompactLogix L32E and L35E controllers; 1788-ENBT FLEXLogix adapter; 1794-AENTR FLEX I/O EtherNet/IP adapter; ControlLogix 18 and earlier; CompactLogix 18 and earlier; GuardLogix 18 and earlier; SoftLogix 18 and earlier; CompactLogix controllers 19 and earlier; SoftLogix controllers 19 and earlier; ControlLogix controllers 20 and earlier; GuardLogix controllers 20 and earlier; and MicroLogix 1100 and 1400
How severe is CVE-2012-6441?
CVE-2012-6441 has a CVSS 2.0 base score of 5.0, rated medium severity.
Is CVE-2012-6441 being actively exploited?
It is not currently listed in CISA's KEV catalog. Its EPSS exploit-prediction score is 54% (99th percentile), an estimate of the probability of exploitation in the next 30 days.
What products are affected by CVE-2012-6441?
CVE-2012-6441 primarily affects Rockwellautomation Controllogix Controllers. In total, 17 product configurations (CPEs) are listed as vulnerable; see the affected-products list for the exact versions.
How do I fix CVE-2012-6441?
Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround.
When was CVE-2012-6441 published?
CVE-2012-6441 was published on 2013-01-24 and last updated on 2026-06-16.

References

Affected products (17)

More vulnerabilities in Rockwellautomation Controllogix Controllers

All CVEs affecting Rockwellautomation Controllogix Controllers →

Other CWE-200 (Exposure of Sensitive Information to an Unauthorized Actor) vulnerabilities

Browse all CWE-200 (Exposure of Sensitive Information to an Unauthorized Actor) vulnerabilities →