MicroLogix 1400 PLC Web Server Request Handling RCE

Critical Nessus Plugin ID 91385

Synopsis

The remote programmable logic controller (PLC) device is affected by a remote code execution vulnerability.

Description

The firmware installed on the remote Allen-Bradley MicroLogix 1400 PLC device is a version prior to 15.004. It is, therefore, affected by a stack-based buffer overflow condition due to improper validation of user-supplied input when handling web requests. An unauthenticated, remote attacker can exploit this to cause a denial of service or to execute arbitrary code.

Solution

Upgrade to the latest firmware version. Alternatively, block all ports from external networks. See the vendor for further details.

See Also

https://ics-cert.us-cert.gov/advisories/ICSA-15-300-03A

https://ics-cert.us-cert.gov/alerts/ICS-ALERT-15-225-02A

http://www.nessus.org/u?e8ec3436

Plugin Details

Severity: Critical

ID: 91385

File Name: scada_RA_76326_1400.nbin

Version: 1.32

Type: remote

Family: SCADA

Published: 2016/05/31

Modified: 2018/11/15

Dependencies: 90600

Risk Information

Risk Factor: Critical

CVSS v2.0

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/h:rockwellautomation:ab_micrologix_controller:1400

Required KB Items: www/80/Rockwell Automation MicroLogix 1400 PLC Web Server/version, www/80/Rockwell Automation MicroLogix 1400 PLC Web Server/name, www/80/Rockwell Automation MicroLogix 1400 PLC Web Server/os

Patch Publication Date: 2015/11/02

Vulnerability Publication Date: 2015/10/26

Reference Information

CVE: CVE-2015-6490

BID: 77333