First published: Thu Apr 05 2018(Updated: )
An exploitable denial of service vulnerability exists in the Ethernet functionality of the Allen Bradley Micrologix 1400 Series B FRN 21.2 and below. A specially crafted packet can cause a device power cycle resulting in a fault state and deletion of ladder logic. An attacker can send one unauthenticated packet to trigger this vulnerability
Credit: talos-cna@cisco.com
Affected Software | Affected Version | How to fix |
---|---|---|
Rockwellautomation Micrologix 1400 B Firmware | <=21.2 | |
Rockwellautomation Micrologix 1400 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2017-12088 is a denial of service vulnerability in the Ethernet functionality of the Allen Bradley Micrologix 1400 Series B FRN 21.2 and below.
CVE-2017-12088 has a severity rating of 7.5 out of 10 (high).
The Allen Bradley Micrologix 1400 Series B FRN version 21.2 and below is affected by CVE-2017-12088.
An attacker can send a specially crafted packet that causes the device to power cycle, resulting in a fault state and deletion of ladder logic.
No, the Rockwellautomation Micrologix 1400 is not vulnerable to CVE-2017-12088.
There is currently no known fix for CVE-2017-12088, it is recommended to contact the vendor for further assistance.