MicroLogix 1400 PLC Web Server Request Handling RCE

Critical Nessus Plugin ID 91385


The remote programmable logic controller (PLC) device is affected by a remote code execution vulnerability.


The firmware installed on the remote Allen-Bradley MicroLogix 1400 PLC device is a version prior to 15.004. It is, therefore, affected by a stack-based buffer overflow condition due to improper validation of user-supplied input when handling web requests. An unauthenticated, remote attacker can exploit this to cause a denial of service or to execute arbitrary code.


Upgrade to the latest firmware version. Alternatively, block all ports from external networks. See the vendor for further details.

Plugin Details

Severity: Critical

ID: 91385

File Name: scada_RA_76326_1400.nbin

Version: 1.38

Type: remote

Family: SCADA

Published: 2016/05/31

Updated: 2019/03/18

Dependencies: 90600

Risk Information

Risk Factor: Critical

CVSS v2.0

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/h:rockwellautomation:ab_micrologix_controller:1400

Patch Publication Date: 2015/11/02

Vulnerability Publication Date: 2015/10/26

Reference Information

CVE: CVE-2015-6490

BID: 77333