CVE-2017-12092

Published: Jun 4, 2018Modified: Nov 21, 2024

7.5

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

An exploitable file write vulnerability exists in the memory module functionality of Allen Bradley Micrologix 1400 Series B FRN 21.2 and before. A specially crafted packet can cause a file write resulting in a new program being written to the memory module. An attacker can send an unauthenticated packet to trigger this vulnerability.

Affected (1)

Products: Rockwellautomation: Micrologix 1400 B Firmware

Rockwellautomation

1 product

Micrologix 1400 B Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Rockwellautomation Micrologix 1400 B Firmware	Up to 21.2

Running on/with	Platform Versions
Rockwellautomation Micrologix 1400	All versions

Related CWEs

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (2)

https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0444

Source: talos-cna@cisco.com

ExploitMitigationThird Party Advisory

https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0444

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitMitigationThird Party Advisory

Timeline

No history available yet.