CVE-2014-5410

Rockwell Automation Micrologix 1400 Improper Input Validation

CVSS 7.1 EPSS 4.2%CWE-20

The DNP3 feature on Rockwell Automation Allen-Bradley MicroLogix 1400 1766-Lxxxxx A FRN controllers 7 and earlier and 1400 1766-Lxxxxx B FRN controllers before 15.001 allows remote attackers to cause a denial of service (process disruption) via malformed packets over (1) an Ethernet network or (2) a serial line.

AV:N/AC:M/Au:N/C:N/I:N/A:C

Affected products

Rockwell Automation · Allen-Bradley MicroLogix 1400

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2014/icsa-14-254-02.json https://ics-cert.us-cert.gov/advisories/ICSA-14-254-02 https://rockwellautomation.custhelp.com/app/answers/detail/a_id/620295 https://www.cisa.gov/news-events/ics-advisories/icsa-14-254-02