This script is Copyright (C) 2015-2017 Tenable Network Security, Inc.
The remote web server running on the MicroLogix 1100 PLC is affected
by an denial of service vulnerability in the web server's password
The Rockwell Automation MicroLogix 1100 PLC integrated web server is
a firmware version that is prior to FRN 10.0. It is, therefore,
affected by a denial of service vulnerability due to a failure of the
authentication mechanism to properly handle remote connections or
commands. A remote attacker can exploit this, using a crafted request,
to cause the product to enter a predefined fault mode, resulting in
the device being reset to a factory-default state.
Note that Nessus has not attempted to exploit this issue but has
instead relied only on the self-reported version number.
See also :
Upgrade to MicroLogix 1100 PLC firmware release version FRN 10.0 or
Risk factor :
Critical / CVSS Base Score : 10.0