CVE-2017-14469

An exploitable access control vulnerability exists in the data, program, and function file permissions functionality of Allen Bradley Micrologix 1400 Series B FRN 21.2 and before. A specially crafted packet can cause a read or write operation resulting in disclosure of sensitive information, modification of settings, or modification of ladder logic. An attacker can send unauthenticated packets to trigger this vulnerability. Required Keyswitch State: REMOTE or PROG Associated Fault Code: 0028 Fault Type: Non-User Description: Values 0x01 and 0x02 are invalid values for the user fault routine. By writing directly to the file it is possible to set these values. When this is done and the device is moved into a run state, a fault is triggered. NOTE: This is not possible through RSLogix.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:rockwellautomation:micrologix_1400_b_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:rockwellautomation:micrologix_1400:-:*:*:*:*:*:*:*

History

21 Nov 2024, 03:12

Type Values Removed Values Added
CVSS v2 : 7.5
v3 : 9.8
v2 : 7.5
v3 : 10.0
References () https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0443 - Exploit, Third Party Advisory () https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0443 - Exploit, Third Party Advisory

Information

Published : 2018-04-05 21:29

Updated : 2024-11-21 03:12


NVD link : CVE-2017-14469

Mitre link : CVE-2017-14469

CVE.ORG link : CVE-2017-14469


JSON object : View

Products Affected

rockwellautomation

  • micrologix_1400
  • micrologix_1400_b_firmware