CVE-2018-17924

Name of the Vulnerable Software and Affected Versions Rockwell Automation MicroLogix 1400 Controllers and 1756 ControlLogix Communications Modules (affected versions not specified)

Description The issue is related to a lack of authentication for a critical function in the MicroLogix 1400 and 1756 ControlLogix software. An unauthenticated, remote threat actor could send a CIP connection request to an affected device and, upon successful connection, send a new IP configuration to the affected device, even if the controller is set to Hard RUN mode. This can cause a loss of communication between the device and the rest of the system as the system traffic is still attempting to communicate with the device via the overwritten IP address. The exploitation of this issue can allow a remote attacker to cause a denial of service by connecting via the CIP protocol and sending an IP configuration to the vulnerable device.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.