Rockwell Automation/Allen-Bradley MicroLogix 1400 Series A <= 7 and Series B <= 15.000 DNP3 Remote DoS

High Nessus Network Monitor Plugin ID 7147


A vulnerable MicroLogix 1400 programmable logic controller (PLC) has been detected.


Rockwell Automation/Allen-Bradley MicroLogix 1400 programmable logic controllers (PLCs) contain a denial of service vulnerability related to the DNP3 protocol stack. Successful exploitation of this vulnerability results in the PLC becoming non-responsive, and recovery requires a power cycle. This vulnerability can be exploited by sending a series of malformed DNP3 packets to the MicroLogix 1400's DNP3 interface. The MicroLogix 1400's DNP3 interface can be either a serial or Ethernet port. Note that DNP3 is disabled by default in MicroLogix 1400 PLCs and that this vulnerability can be exploited only in devices that have DNP3 enabled.


Upgrade the firmware of MicroLogix 1400 Series B PLCs to 15.001.

See Also

Plugin Details

Severity: High

ID: 7147

File Name: 7147.pasl

Version: 1.0

Family: SCADA

Published: 2014/10/20

Modified: 2014/11/13

Risk Information

Risk Factor: High


Base Score: 7.1

Temporal Score: 5.9

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/h:rockwellautomation:ab_micrologix_controller:1400

Patch Publication Date: 2014/10/03

Vulnerability Publication Date: 2014/10/03

Reference Information

CVE: CVE-2014-5410

BID: 70194

OSVDB: 111853