CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2017-12090

HIGH
7.7
CVSS Severity Score
EPSS Score0.0550%
EPSS Percentile13.11th
Published2018年4月5日
Last Modified2024年11月21日

Vulnerability Description

An exploitable denial of service vulnerability exists in the processing of snmp-set commands of the Allen Bradley Micrologix 1400 Series B FRN 21.2 and below. A specially crafted snmp-set request, when sent without associated firmware flashing snmp-set commands, can cause a device power cycle resulting in downtime for the device. An attacker can send one packet to trigger this vulnerability.

Affected Platforms (CPE)

💻
Rockwellautomation

Micrologix 1400 B Firmware

<= 21.2

References & Advisories

🔗 https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0442
🔗 https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0442

相關漏洞威脅

CVE-2017-144689.8

An exploitable access control vulnerability exists in the data, program, and function file permissions functionality of Allen Brad...

CVE-2012-64379.8

The device does not properly authenticate users and the potential exists for a remote user to upload a new firmware image to the E...

CVE-2016-56457.3

Rockwell Automation MicroLogix 1400 PLC 1766-L32BWA, 1766-L32AWA, 1766-L32BXB, 1766-L32BWAA, 1766-L32AWAA, and 1766-L32BXBA device...

CVE-2017-120935.3

An exploitable insufficient resource pool vulnerability exists in the session communication functionality of Allen Bradley Microlo...