First published: Thu Dec 03 2020(Updated: )
An exploitable denial-of-service vulnerability exists in the IPv4 functionality of Allen-Bradley MicroLogix 1100 Programmable Logic Controller Systems Series B FRN 16.000, Series B FRN 15.002, Series B FRN 15.000, Series B FRN 14.000, Series B FRN 13.000, Series B FRN 12.000, Series B FRN 11.000 and Series B FRN 10.000. A specially crafted packet can cause a major error, resulting in a denial of service. An attacker can send a malicious packet to trigger this vulnerability.
Credit: talos-cna@cisco.com
Affected Software | Affected Version | How to fix |
---|---|---|
Rockwellautomation Micrologix 1100 B Firmware | =10.000 | |
Rockwellautomation Micrologix 1100 B Firmware | =11.000 | |
Rockwellautomation Micrologix 1100 B Firmware | =12.000 | |
Rockwellautomation Micrologix 1100 B Firmware | =13.000 | |
Rockwellautomation Micrologix 1100 B Firmware | =14.000 | |
Rockwellautomation Micrologix 1100 B Firmware | =15.000 | |
Rockwellautomation Micrologix 1100 B Firmware | =15.002 | |
Rockwellautomation Micrologix 1100 B Firmware | =16.000 | |
Rockwellautomation Micrologix 1100 | ||
Rockwell Automation Allen-Bradley MicroLogix 1100 revision number 1.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2020-6111 is a denial-of-service vulnerability in the IPv4 functionality of Allen-Bradley MicroLogix 1100 Programmable Logic Controller Systems.
The severity of CVE-2020-6111 is high, with a severity value of 7.5.
Allen-Bradley MicroLogix 1100 Firmware versions 10.000, 11.000, 12.000, 13.000, 14.000, 15.000, 15.002, and 16.000 are affected by CVE-2020-6111.
To fix CVE-2020-6111, Rockwell Automation recommends updating to a non-vulnerable firmware version.
You can find more information about CVE-2020-6111 at the following references: [link1], [link2].