Vulnerability CVE-2018-17924


Published: 2018-12-07

Description:
In Rockwell Automation MicroLogix 1400 Controllers and 1756 ControlLogix Communications Modules, an unauthenticated, remote threat actor could send a CIP connection request to an affected device and, upon successful connection, send a new IP configuration to the affected device even if the controller in the system is set to Hard RUN mode. When the affected device accepts this new IP configuration, a loss of communication occurs between the device and the rest of the system, as the system traffic is still attempting to communicate with the device via the overwritten IP address.

Type:

CWE-306 (Missing Authentication for Critical Function)

CVSS2 => (AV:N/AC:L/Au:N/C:N/I:N/A:C)

CVSS base score: 7.8/10
Impact subscore: 6.9/10
Exploitability subscore: 10/10

Access vector: Remote
Attack complexity: Low
Authentication: Not required

Confidentiality impact: None
Integrity impact: None
Availability impact: Complete

Affected software
Rockwellautomation -> Micrologix 1400 firmware 
Rockwellautomation -> 1756-en2f series a firmware 
Rockwellautomation -> 1756-en2f series b firmware 
Rockwellautomation -> 1756-en2f series c firmware 
Rockwellautomation -> 1756-en2t series a firmware 
Rockwellautomation -> 1756-en2t series b firmware 
Rockwellautomation -> 1756-en2t series c firmware 
Rockwellautomation -> 1756-en2t series d firmware 
Rockwellautomation -> 1756-en2tr series a firmware 
Rockwellautomation -> 1756-en2tr series b firmware 
Rockwellautomation -> 1756-en2tr series c firmware 
Rockwellautomation -> 1756-en3tr series a firmware 
Rockwellautomation -> 1756-en3tr series b firmware 
Rockwellautomation -> 1756-enbt firmware 
Rockwellautomation -> 1756-eweb series a firmware 
Rockwellautomation -> 1756-eweb series b firmware 

References:
http://www.securityfocus.com/bid/106132
https://ics-cert.us-cert.gov/advisories/ICSA-18-310-02
