CVE-2017-14473

Name of the Vulnerable Software and Affected Versions: Allen Bradley Micrologix 1400 Series B versions FRN 21.2 and before

Description: The issue allows for an exploitable access control vulnerability in the data, program, and function file permissions functionality. This can be triggered by a specially crafted packet, resulting in the disclosure of sensitive information, modification of settings, or modification of ladder logic. An attacker can send unauthenticated packets to exploit this issue. The vulnerability can be triggered regardless of the Keyswitch State.

Recommendations: For Allen Bradley Micrologix 1400 Series B versions FRN 21.2 and before, at the moment, there is no information about a newer version that contains a fix for this vulnerability.