CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-14464

An exploitable access control vulnerability exists in the data, program, and function file permissions functionality of Allen Bradley Micrologix 1400 Series B FRN 21.2 and before. A specially crafted packet can cause a read or write operation resulting in disclosure of sensitive information, modification of settings, or modification of ladder logic. An attacker can send unauthenticated packets to trigger this vulnerability.Required Keyswitch State: REMOTE or PROG Associated Fault Code: 0001 Fault Type: Non-User Description: A fault state can be triggered by setting the NVRAM/memory module user program mismatch bit (S2:9) when a memory module is NOT installed.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.151

EPSS Ranking 94.2%

CVSS Severity

CVSS v3 Score 10.0

CVSS v2 Score 7.5

References

Products affected by CVE-2017-14464

Rockwellautomation » Micrologix 1400 » Version: N/A

cpe:2.3:h:rockwellautomation:micrologix_1400:-
Rockwellautomation » Micrologix 1400 B Firmware » Version: N/A

cpe:2.3:o:rockwellautomation:micrologix_1400_b_firmware:-
Rockwellautomation » Micrologix 1400 B Firmware » Version: 11.000

cpe:2.3:o:rockwellautomation:micrologix_1400_b_firmware:11.000
Rockwellautomation » Micrologix 1400 B Firmware » Version: 12.001

cpe:2.3:o:rockwellautomation:micrologix_1400_b_firmware:12.001
Rockwellautomation » Micrologix 1400 B Firmware » Version: 13.000

cpe:2.3:o:rockwellautomation:micrologix_1400_b_firmware:13.000
Rockwellautomation » Micrologix 1400 B Firmware » Version: 13.003

cpe:2.3:o:rockwellautomation:micrologix_1400_b_firmware:13.003
Rockwellautomation » Micrologix 1400 B Firmware » Version: 14.000

cpe:2.3:o:rockwellautomation:micrologix_1400_b_firmware:14.000
Rockwellautomation » Micrologix 1400 B Firmware » Version: 14.002

cpe:2.3:o:rockwellautomation:micrologix_1400_b_firmware:14.002
Rockwellautomation » Micrologix 1400 B Firmware » Version: 15.000

cpe:2.3:o:rockwellautomation:micrologix_1400_b_firmware:15.000
Rockwellautomation » Micrologix 1400 B Firmware » Version: 15.001

cpe:2.3:o:rockwellautomation:micrologix_1400_b_firmware:15.001
Rockwellautomation » Micrologix 1400 B Firmware » Version: 15.002

cpe:2.3:o:rockwellautomation:micrologix_1400_b_firmware:15.002
Rockwellautomation » Micrologix 1400 B Firmware » Version: 15.003

cpe:2.3:o:rockwellautomation:micrologix_1400_b_firmware:15.003
Rockwellautomation » Micrologix 1400 B Firmware » Version: 15.004

cpe:2.3:o:rockwellautomation:micrologix_1400_b_firmware:15.004
Rockwellautomation » Micrologix 1400 B Firmware » Version: 15.005

cpe:2.3:o:rockwellautomation:micrologix_1400_b_firmware:15.005
Rockwellautomation » Micrologix 1400 B Firmware » Version: 16.000

cpe:2.3:o:rockwellautomation:micrologix_1400_b_firmware:16.000
Rockwellautomation » Micrologix 1400 B Firmware » Version: 16.001

cpe:2.3:o:rockwellautomation:micrologix_1400_b_firmware:16.001
Rockwellautomation » Micrologix 1400 B Firmware » Version: 16.002

cpe:2.3:o:rockwellautomation:micrologix_1400_b_firmware:16.002
Rockwellautomation » Micrologix 1400 B Firmware » Version: 21.000

cpe:2.3:o:rockwellautomation:micrologix_1400_b_firmware:21.000
Rockwellautomation » Micrologix 1400 B Firmware » Version: 21.001

cpe:2.3:o:rockwellautomation:micrologix_1400_b_firmware:21.001
Rockwellautomation » Micrologix 1400 B Firmware » Version: 21.002

cpe:2.3:o:rockwellautomation:micrologix_1400_b_firmware:21.002

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-14464

Products

Pricing

Contact Us