What is the severity of CVE-2017-16740?

CVE-2017-16740 is considered to have a high severity due to the potential for remote code execution.

How do I fix CVE-2017-16740?

To fix CVE-2017-16740, upgrade to the latest firmware version of the affected Rockwell Automation controllers beyond version 21.002.

What type of vulnerability is CVE-2017-16740?

CVE-2017-16740 is a stack-based buffer overflow vulnerability.

Can CVE-2017-16740 be exploited remotely?

Yes, CVE-2017-16740 can potentially be exploited remotely, allowing attackers to execute code on the vulnerable devices.

Vulnerability/
CVE-2017-16740

critical

CWE

119 120

9/1/2018

16/8/2018

CVE-2017-16740: Buffer Overflow

Q: What devices are affected by CVE-2017-16740?

CVE-2017-16740 affects Rockwell Automation Allen-Bradley MicroLogix 1400 Controllers, Series B and C, with firmware versions 21.002 and earlier.

First published: Tue Jan 09 2018(Updated: )

A Buffer Overflow issue was discovered in Rockwell Automation Allen-Bradley MicroLogix 1400 Controllers, Series B and C Versions 21.002 and earlier. The stack-based buffer overflow vulnerability has been identified, which may allow remote code execution.

Credit: ics-cert@hq.dhs.gov

Affected Software	Affected Version	How to fix
rockwellautomation 1766-L32BXB firmware	<=21.002
Rockwell Automation 1766-L32BXBA Firmware
Rockwell Automation 1766-L32AWA	<=21.002
Rockwell Automation 1766-L32AWA
Rockwell Automation 1766-L32BXB firmware	<=21.002
rockwellautomation 1766-L32BXB firmware
Rockwell Automation 1766-L32BWA	<=21.002
Rockwell Automation 1766-L32BWAA
Rockwell Automation 1766-L32AWAA	<=21.002
Rockwell Automation 1766-L32AWAA
Rockwell Automation 1766-L32BWA	<=21.002
Rockwell Automation 1766-L32BWA

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2017-16740?
CVE-2017-16740 is considered to have a high severity due to the potential for remote code execution.
How do I fix CVE-2017-16740?
To fix CVE-2017-16740, upgrade to the latest firmware version of the affected Rockwell Automation controllers beyond version 21.002.
What devices are affected by CVE-2017-16740?
CVE-2017-16740 affects Rockwell Automation Allen-Bradley MicroLogix 1400 Controllers, Series B and C, with firmware versions 21.002 and earlier.
What type of vulnerability is CVE-2017-16740?
CVE-2017-16740 is a stack-based buffer overflow vulnerability.
Can CVE-2017-16740 be exploited remotely?
Yes, CVE-2017-16740 can potentially be exploited remotely, allowing attackers to execute code on the vulnerable devices.

agent/type
agent/last-modified-date
agent/first-publish-date
agent/description
agent/severity
agent/references
agent/weakness
agent/author
agent/event
agent/softwarecombine
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/rockwellautomation
canonical/rockwellautomation 1766-l32bxb firmware
version/rockwellautomation 1766-l32bxb firmware/21.002
canonical/rockwell automation 1766-l32bxba firmware
canonical/rockwell automation 1766-l32awa
version/rockwell automation 1766-l32awa/21.002
canonical/rockwell automation 1766-l32bxb firmware
version/rockwell automation 1766-l32bxb firmware/21.002
canonical/rockwell automation 1766-l32bwa
version/rockwell automation 1766-l32bwa/21.002
canonical/rockwell automation 1766-l32bwaa
canonical/rockwell automation 1766-l32awaa
version/rockwell automation 1766-l32awaa/21.002

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.