First published: Mon Jun 04 2018(Updated: )
An exploitable file write vulnerability exists in the memory module functionality of Allen Bradley Micrologix 1400 Series B FRN 21.2 and before. A specially crafted packet can cause a file write resulting in a new program being written to the memory module. An attacker can send an unauthenticated packet to trigger this vulnerability.
Credit: talos-cna@cisco.com
Affected Software | Affected Version | How to fix |
---|---|---|
Rockwellautomation Micrologix 1400 B Firmware | <=21.2 | |
Rockwellautomation Micrologix 1400 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2017-12092 is an exploitable file write vulnerability in the memory module functionality of Allen Bradley Micrologix 1400 Series B FRN 21.2 and before.
The severity of CVE-2017-12092 is high with a severity value of 7.5.
CVE-2017-12092 affects Rockwell Automation Micrologix 1400 B Firmware versions up to and including 21.2.
An attacker can exploit CVE-2017-12092 by sending a specially crafted packet that causes a file write resulting in a new program being written to the memory module.
No, Rockwell Automation Micrologix 1400 is not vulnerable to CVE-2017-12092.