Vulnerabilities > CVE-2014-5410 - Resource Management Errors vulnerability in Rockwellautomation AB Micrologix Controller 1400

CVSS 7.1 - HIGH

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

COMPLETE

network

rockwellautomation

CWE-399

NVD

Published: 2014-10-03

Updated: 2014-10-06

Summary

The DNP3 feature on Rockwell Automation Allen-Bradley MicroLogix 1400 1766-Lxxxxx A FRN controllers 7 and earlier and 1400 1766-Lxxxxx B FRN controllers before 15.001 allows remote attackers to cause a denial of service (process disruption) via malformed packets over (1) an Ethernet network or (2) a serial line.

Vulnerable Configurations

Part	Description	Count
Hardware	Rockwellautomation Rockwellautomation AB Micrologix Controller 1400	1

Common Weakness Enumeration (CWE)

CWE-399 - Resource Management Errors

References

https://ics-cert.us-cert.gov/advisories/ICSA-14-254-02