Rockwell Automation/Allen-Bradley MicroLogix 1400 Series A <= 7 and Series B <= 15.000 DNP3 Remote DoS
High Nessus Network Monitor Plugin ID 7147
Synopsis
A vulnerable MicroLogix 1400 programmable logic controller (PLC) has been detected.

Description
Rockwell Automation/Allen-Bradley MicroLogix 1400 programmable logic controllers (PLCs) contain a denial of service vulnerability related to the DNP3 protocol stack. Successful exploitation of this vulnerability results in the PLC becoming non-responsive, and recovery requires a power cycle. This vulnerability can be exploited by sending a series of malformed DNP3 packets to the MicroLogix 1400's DNP3 interface. The MicroLogix 1400's DNP3 interface can be either a serial or Ethernet port. Note that DNP3 is disabled by default in MicroLogix 1400 PLCs and that this vulnerability can be exploited only in devices that have DNP3 enabled.

Solution
Upgrade the firmware of MicroLogix 1400 Series B PLCs to 15.001.