Vulnerability Details CVE-2017-16740
A Buffer Overflow issue was discovered in Rockwell Automation Allen-Bradley MicroLogix 1400 Controllers, Series B and C Versions 21.002 and earlier. The stack-based buffer overflow vulnerability has been identified, which may allow remote code execution.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 38.4%
CVSS Severity
CVSS v3 Score 10.0
CVSS v2 Score 7.5
References
- http://www.securityfocus.com/bid/102474
- https://ics-cert.us-cert.gov/advisories/ICSA-18-009-01
- https://rockwellautomation.custhelp.com/app/answers/detail/a_id/1070883
- http://www.securityfocus.com/bid/102474
- https://ics-cert.us-cert.gov/advisories/ICSA-18-009-01
- https://rockwellautomation.custhelp.com/app/answers/detail/a_id/1070883
Products affected by CVE-2017-16740
-
cpe:2.3:h:rockwellautomation:1766-l32awa:-
-
cpe:2.3:h:rockwellautomation:1766-l32awaa:-
-
cpe:2.3:h:rockwellautomation:1766-l32bwa:-
-
cpe:2.3:h:rockwellautomation:1766-l32bwaa:-
-
cpe:2.3:h:rockwellautomation:1766-l32bxb:-
-
cpe:2.3:h:rockwellautomation:1766-l32bxba:-
-
cpe:2.3:o:rockwellautomation:1766-l32awa_firmware:21.002
-
cpe:2.3:o:rockwellautomation:1766-l32awaa_firmware:21.002
-
cpe:2.3:o:rockwellautomation:1766-l32bwa_firmware:21.002
-
cpe:2.3:o:rockwellautomation:1766-l32bwaa_firmware:21.002
-
cpe:2.3:o:rockwellautomation:1766-l32bxb_firmware:21.002
-
cpe:2.3:o:rockwellautomation:1766-l32bxba_firmware:21.002