Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Rockwell Automation/Allen-Bradley MicroLogix 1400 Series A <= 7 and Series B <= 15.000 DNP3 Remote DoS

High

Synopsis

A vulnerable MicroLogix 1400 programmable logic controller (PLC) has been detected.

Description

Rockwell Automation/Allen-Bradley MicroLogix 1400 programmable logic controllers (PLCs) contain a denial of service vulnerability related to the DNP3 protocol stack. Successful exploitation of this vulnerability results in the PLC becoming non-responsive, and recovery requires a power cycle. This vulnerability can be exploited by sending a series of malformed DNP3 packets to the MicroLogix 1400's DNP3 interface. The MicroLogix 1400's DNP3 interface can be either a serial or Ethernet port. Note that DNP3 is disabled by default in MicroLogix 1400 PLCs and that this vulnerability can be exploited only in devices that have DNP3 enabled.

Solution

Upgrade the firmware of MicroLogix 1400 Series B PLCs to 15.001.