Security News > 2021 > July > Vulnerability Exposes MicroLogix PLCs to Remote DoS Attacks

Vulnerability Exposes MicroLogix PLCs to Remote DoS Attacks
2021-07-20 13:38

A high-severity vulnerability affecting Rockwell Automation's MicroLogix 1100 programmable logic controllers can be exploited to cause a device to enter a persistent fault condition.

According to advisories released this month by Rockwell and the U.S. Cybersecurity and Infrastructure Security Agency, a remote, unauthenticated attacker can exploit CVE-2021-33012 to cause a denial of service condition on the targeted controller by sending it specially crafted commands.

"If successfully exploited, this vulnerability will cause the controller to fault when the controller is switched to RUN mode," Rockwell said.

The PLCs operate normally when they are in either RUN mode or PROG mode - the latter allows the user to update the logic on the controller.

The vendor noted that "a controller in this state can be recovered by downloading a new project to the controller or an offline copy of the project."

Instead, it has advised customers to leave controllers in RUN mode, and consider migrating to a newer controller model - the MicroLogix 1100 PLC has been discontinued and users are advised to migrate to the Micro870 controller.


News URL

http://feedproxy.google.com/~r/securityweek/~3/z9YfhaUhOfk/vulnerability-exposes-micrologix-plcs-remote-dos-attacks

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2021-07-09 CVE-2021-33012 Unspecified vulnerability in Rockwellautomation Micrologix 1100 Firmware
Rockwell Automation MicroLogix 1100, all versions, allows a remote, unauthenticated attacker sending specially crafted commands to cause the PLC to fault when the controller is switched to RUN mode, which results in a denial-of-service condition.
network
low complexity
rockwellautomation
5.0