CVE-2017-12090

Severity CVSS v4.0:
Pending analysis
Type:
CWE-400 Uncontrolled Resource Consumption ('Resource Exhaustion')
Publication date:
05/04/2018
Last modified:
19/04/2022

Description

An exploitable denial of service vulnerability exists in the processing of snmp-set commands of the Allen Bradley Micrologix 1400 Series B FRN 21.2 and below. A specially crafted snmp-set request, when sent without associated firmware flashing snmp-set commands, can cause a device power cycle resulting in downtime for the device. An attacker can send one packet to trigger this vulnerability.

Vulnerable products and versions

CPE From Up to
cpe:2.3:o:rockwellautomation:micrologix_1400_b_firmware:*:*:*:*:*:*:*:* 21.2 (including)
cpe:2.3:h:rockwellautomation:micrologix_1400:-:*:*:*:*:*:*:*