Rockwellautomation Micrologix — known CVE vulnerabilities
Every CVE whose affected-product data names Rockwellautomation Micrologix, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (7)
CVE-2012-6437 — CVSS 9.8 (critical): The device does not properly authenticate users and the potential exists for a remote user to upload a new firmware image to the Ethernet…
CVE-2012-6439 — CVSS 8.5 (high): When an affected product receives a valid CIP message from an unauthorized or unintended source to Port 2222/TCP, Port 2222/UDP, Port…
CVE-2012-6435 — CVSS 7.5 (high): When an affected product receives a valid CIP message from an unauthorized or unintended source to Port 2222/TCP, Port 2222/UDP, Port…
CVE-2012-6438 — CVSS 7.5 (high): The device does not properly validate the data being sent to the buffer. An attacker can send a malformed CIP packet to Port 2222/TCP, Port…
CVE-2012-6436 — CVSS 7.5 (high): The device does not properly validate the data being sent to the buffer. An attacker can send a malformed CIP packet to Port 2222/TCP, Port…
CVE-2012-6441 — CVSS 5.0 (medium): An information exposure of confidential information results when the device receives a specially crafted CIP packet to Port 2222/TCP, Port…
CVE-2012-6440 — CVSS 4.8 (medium): The Web server password authentication mechanism used by the products is vulnerable to a MitM and Replay attack. Successful exploitation of…