Rockwell Automation Allen-Bradley MicroLogix 1400 Controllers Stack-Based Buffer Overflow Vulnerability

A vulnerability in Rockwell Automation Allen-Bradley MicroLogix 1400 Controllers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on a targeted device.

The vulnerability is due to a stack-based buffer overflow condition in the affected devices. An attacker could exploit this vulnerability to execute arbitrary code on a targeted device. A successful exploit could cause the targeted device to stop functioning, resulting in a DoS condition.

Rockwell Automation has confirmed the vulnerability and released a firmware update.

CVE number = CVE-2017-16740

Analysis

To exploit this vulnerability, the attacker may need access to trusted, internal networks to monitor and intercept network communications. This access requirement reduces the likelihood of a successful exploit.

Safeguards

Administrators are advised to apply the appropriate updates.

Administrators are advised to allow only trusted users to have network access.

Administrators may consider using IP-based access control lists (ACLs) to allow only trusted systems to access the affected systems.

Administrators can help protect affected systems from external attacks by using a solid firewall strategy.

Administrators are advised to monitor affected systems.

Vendor Announcements

ICS-CERT has released a security advisory at the following link: ICSA-18-009-01

Fixed Software

Rockwell Automation has released a firmware update at the following link: Rockwell Automation Updates

Image result for MicroLogix 1400

SystemTek

SystemTek – The Technology Experts – Providing technology news and information online since 1999

Rockwell Automation Allen-Bradley MicroLogix 1400 Controllers Stack-Based Buffer Overflow Vulnerability

Related

Leave a Reply Cancel reply