Vulnerabilities > CVE-2017-12089 - Unspecified vulnerability in Rockwellautomation Micrologix 1400 B Firmware

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH
network
low complexity
rockwellautomation
NVD
Published: 2018-04-05
Updated: 2022-04-19

Summary

An exploitable denial of service vulnerability exists in the program download functionality of Allen Bradley Micrologix 1400 Series B FRN 21.2 and before. A specially crafted packet can cause a device fault resulting in halted operations. An attacker can send an unauthenticated packet to trigger this vulnerability.

Vulnerable Configurations

Part Description Count
OS
Rockwellautomation
19
Hardware
Rockwellautomation
1

Talos

idTALOS-2017-0441
last seen2019-05-29
published2018-03-28
reporterTalos Intelligence
sourcehttp://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0441
titleAllen Bradley Micrologix 1400 Series B Ladder Logic Program Download Device Fault Denial of Service Vulnerability

References