PT-2017-17999 · Rockwell Automation · Micrologix 1100
Published: 2017-09-20 · Updated: 2019-10-09 · CVE-2017-7924
CVSS v2.0: 5.0 (Medium)
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Name of the Vulnerable Software and Affected Versions
Rockwell Automation MicroLogix 1100 controllers version 1763-L16BWA
Rockwell Automation MicroLogix 1100 controllers version 1763-L16AWA
Rockwell Automation MicroLogix 1100 controllers version 1763-L16BBB
Rockwell Automation MicroLogix 1100 controllers version 1763-L16DWD
Description
An issue with improper input validation was found, allowing a remote, unauthenticated attacker to send a specially crafted Programmable Controller Communication Commands (PCCC) packet, potentially causing the controller to enter a denial-of-service condition.
Recommendations
For version 1763-L16BWA, apply the recommended fix from the vendor to prevent the controller from entering a DoS condition.
For version 1763-L16AWA, apply the recommended fix from the vendor to prevent the controller from entering a DoS condition.
For version 1763-L16BBB, apply the recommended fix from the vendor to prevent the controller from entering a DoS condition.
For version 1763-L16DWD, apply the recommended fix from the vendor to prevent the controller from entering a DoS condition.
As a temporary workaround, consider restricting who can send PCCC packets to the controller until a patch is available.
Affected Products
Micrologix 1100