CVE-2017-12090

Name of the Vulnerable Software and Affected Versions Allen Bradley Micrologix 1400 Series B versions 21.2 and below

Description A denial of service issue exists in the processing of snmp-set commands. A specially crafted snmp-set request can cause a device power cycle, resulting in downtime. An attacker can trigger this issue by sending a single packet.

Recommendations For versions 21.2 and below, consider restricting access to snmp-set commands to minimize the risk of exploitation. As a temporary workaround, limit the ability to send snmp-set requests without associated firmware flashing commands until a fix is available. At the moment, there is no information about a newer version that contains a fix for this issue.