First published: Thu Apr 05 2018(Updated: )
An exploitable denial of service vulnerability exists in the processing of snmp-set commands of the Allen Bradley Micrologix 1400 Series B FRN 21.2 and below. A specially crafted snmp-set request, when sent without associated firmware flashing snmp-set commands, can cause a device power cycle resulting in downtime for the device. An attacker can send one packet to trigger this vulnerability.
Credit: talos-cna@cisco.com
Affected Software | Affected Version | How to fix |
---|---|---|
Rockwellautomation Micrologix 1400 B Firmware | <=21.2 | |
Rockwellautomation Micrologix 1400 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2017-12090 is a denial of service vulnerability in the processing of snmp-set commands of the Allen Bradley Micrologix 1400 Series B FRN 21.2 and below.
CVE-2017-12090 has a severity rating of 7.5 out of 10, indicating a high severity.
The Allen Bradley Micrologix 1400 Series B FRN 21.2 and below firmware is affected by CVE-2017-12090.
CVE-2017-12090 can be exploited by sending a specially crafted snmp-set request without associated firmware flashing snmp-set commands.
No, Rockwellautomation Micrologix 1400 is not vulnerable to CVE-2017-12090.