
Pranita Binnar

Researcher from Veermata Jijabai Technological Institute (VJTI)
#40120 of 53,635
6.8 Total CVSS
Vulnerabilities · 1
PT-2022-4950
6.8
2022-07-07
Rockwell Automation · Micrologix 1100/1400 · CVE-2022-2179
**Name of the Vulnerable Software and Affected Versions**

Rockwell Automation MicroLogix 1100/1400 versions 21.007 and prior

**Description**

The issue is related to the X-Frame-Options header not being configured in the HTTP response, which could allow clickjacking attacks. This could enable a remote attacker to gain unauthorized access to protected information using a specially crafted link. The vulnerability is associated with incorrect restriction of visualized layers of the user interface.

**Recommendations**

For versions 21.007 and prior, consider configuring the X-Frame-Options header in the HTTP response to prevent clickjacking attacks. As a temporary workaround, restrict access to sensitive information and user interfaces to minimize the risk of exploitation.