First published: Fri Jul 09 2021(Updated: )
Rockwell Automation MicroLogix 1100, all versions, allows a remote, unauthenticated attacker sending specially crafted commands to cause the PLC to fault when the controller is switched to RUN mode, which results in a denial-of-service condition. If successfully exploited, this vulnerability will cause the controller to fault whenever the controller is switched to RUN mode.
Credit: ics-cert@hq.dhs.gov
Affected Software | Affected Version | How to fix |
---|---|---|
Rockwellautomation Micrologix 1100 Firmware | ||
Rockwellautomation Micrologix 1100 | ||
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this issue is CVE-2021-33012.
The severity of CVE-2021-33012 is high with a severity value of 8.6.
CVE-2021-33012 allows a remote unauthenticated attacker to send specially crafted commands to cause a denial-of-service condition on the MicroLogix 1100 when it is switched to RUN mode.
CVE-2021-33012 can be exploited by sending specially crafted commands to the MicroLogix 1100 controller when it is in RUN mode.
Yes, Rockwell Automation MicroLogix 1100 firmware is affected by CVE-2021-33012.