CyberSec.Space Logo
Back to CVE Browser

CVE-2017-12090

HIGH
7.7
CVSS Severity Score
EPSS Score0.0550%
EPSS Percentile13.11th
PublishedApr 5, 2018
Last ModifiedNov 21, 2024

Vulnerability Description

An exploitable denial of service vulnerability exists in the processing of snmp-set commands of the Allen Bradley Micrologix 1400 Series B FRN 21.2 and below. A specially crafted snmp-set request, when sent without associated firmware flashing snmp-set commands, can cause a device power cycle resulting in downtime for the device. An attacker can send one packet to trigger this vulnerability.

Affected Platforms (CPE)

💻
Rockwellautomation

Micrologix 1400 B Firmware

<= 21.2

References & Advisories

🔗 https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0442
🔗 https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0442

Related Vulnerabilities

CVE-2017-144689.8

An exploitable access control vulnerability exists in the data, program, and function file permissions functionality of Allen Brad...

CVE-2012-64379.8

The device does not properly authenticate users and the potential exists for a remote user to upload a new firmware image to the E...

CVE-2016-56457.3

Rockwell Automation MicroLogix 1400 PLC 1766-L32BWA, 1766-L32AWA, 1766-L32BXB, 1766-L32BWAA, 1766-L32AWAA, and 1766-L32BXBA device...

CVE-2017-120935.3

An exploitable insufficient resource pool vulnerability exists in the session communication functionality of Allen Bradley Microlo...