Vulnerability Details CVE-2017-12090
An exploitable denial of service vulnerability exists in the processing of snmp-set commands of the Allen Bradley Micrologix 1400 Series B FRN 21.2 and below. A specially crafted snmp-set request, when sent without associated firmware flashing snmp-set commands, can cause a device power cycle resulting in downtime for the device. An attacker can send one packet to trigger this vulnerability.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 2.7%
CVSS Severity
CVSS v3 Score 7.7
CVSS v2 Score 7.8
References
Products affected by CVE-2017-12090
-
cpe:2.3:h:rockwellautomation:micrologix_1400:-
-
cpe:2.3:o:rockwellautomation:micrologix_1400_b_firmware:-
-
cpe:2.3:o:rockwellautomation:micrologix_1400_b_firmware:11.000
-
cpe:2.3:o:rockwellautomation:micrologix_1400_b_firmware:12.001
-
cpe:2.3:o:rockwellautomation:micrologix_1400_b_firmware:13.000
-
cpe:2.3:o:rockwellautomation:micrologix_1400_b_firmware:13.003
-
cpe:2.3:o:rockwellautomation:micrologix_1400_b_firmware:14.000
-
cpe:2.3:o:rockwellautomation:micrologix_1400_b_firmware:14.002
-
cpe:2.3:o:rockwellautomation:micrologix_1400_b_firmware:15.000
-
cpe:2.3:o:rockwellautomation:micrologix_1400_b_firmware:15.001
-
cpe:2.3:o:rockwellautomation:micrologix_1400_b_firmware:15.002
-
cpe:2.3:o:rockwellautomation:micrologix_1400_b_firmware:15.003
-
cpe:2.3:o:rockwellautomation:micrologix_1400_b_firmware:15.004
-
cpe:2.3:o:rockwellautomation:micrologix_1400_b_firmware:15.005
-
cpe:2.3:o:rockwellautomation:micrologix_1400_b_firmware:16.000
-
cpe:2.3:o:rockwellautomation:micrologix_1400_b_firmware:16.001
-
cpe:2.3:o:rockwellautomation:micrologix_1400_b_firmware:16.002
-
cpe:2.3:o:rockwellautomation:micrologix_1400_b_firmware:21.000
-
cpe:2.3:o:rockwellautomation:micrologix_1400_b_firmware:21.001
-
cpe:2.3:o:rockwellautomation:micrologix_1400_b_firmware:21.002