PT-2018-5345 · Allen Bradley · Allen Bradley Micrologix 1400 Series B

Published

2018-06-04

Updated

2022-04-19

CVE-2017-12092

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions Allen Bradley Micrologix 1400 Series B FRN versions 21.2 and before

Description A file write issue exists in the memory module functionality, allowing a specially crafted packet to cause a file write, resulting in a new program being written to the memory module. An attacker can send an unauthenticated packet to trigger this issue.

Recommendations For Allen Bradley Micrologix 1400 Series B FRN versions 21.2 and before, consider restricting access to the memory module functionality until a fix is available. As a temporary workaround, implement additional authentication measures to prevent unauthenticated packets from triggering the file write issue.

Exploit

Fix

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-200

Related Identifiers

CVE-2017-12092

Affected Products

Allen Bradley Micrologix 1400 Series B

PT-2018-5345 · Allen Bradley · Allen Bradley Micrologix 1400 Series B

CVE-2017-12092

Weakness Enumeration

Related Identifiers

Affected Products

References · 3