Lucene search

K

Rockwell Automation Micrologix Improper Access Control (CVE-2017-14467)

Micrologix 1400 Series B FRN 21.2 Improper Access Contro

Show more
Related
Refs
Code
ReporterTitlePublishedViews
Family
Cvelist
CVE-2017-14467
5 Apr 201821:00
cvelist
CVE
CVE-2017-14467
5 Apr 201821:29
cve
CVE
CVE-2017-12091
27 Feb 201816:29
cve
NVD
CVE-2017-14467
5 Apr 201821:29
nvd
NVD
CVE-2017-12091
27 Feb 201816:29
nvd
Tenable Nessus
Rockwellautomation Micrologix Unspecified Vulnerability
8 Nov 201900:00
nessus
Prion
Improper access control
5 Apr 201821:29
prion
Talos
Allen Bradley Micrologix 1400 Series B Unauthenticated Data/Program/Function File Improper Access Control Vulnerability
28 Mar 201800:00
talos
#%NASL_MIN_LEVEL 70300
##
# (C) Tenable Network Security, Inc.
##

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(500208);
  script_version("1.9");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/12/18");

  script_cve_id("CVE-2017-14467");

  script_name(english:"Rockwell Automation Micrologix Improper Access Control (CVE-2017-14467)");

  script_set_attribute(attribute:"synopsis", value:
"The remote OT asset is affected by a vulnerability.");
  script_set_attribute(attribute:"description", value:
"An exploitable access control vulnerability exists in the data, program, and function file permissions functionality of
Allen Bradley Micrologix 1400 Series B FRN 21.2 and before. A specially crafted packet can cause a read or write
operation resulting in disclosure of sensitive information, modification of settings, or modification of ladder logic.
An attacker can send unauthenticated packets to trigger this vulnerability. Required Keyswitch State: REMOTE
Description: Live rung edits are able to be made by an unauthenticated user allowing for addition, deletion, or
modification of existing ladder logic. Additionally, faults and cpu state modification can be triggered if specific
ladder logic is used.  

This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot
for more information.");
  # https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0443
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?c8699acc");
  # https://www.rockwellautomation.com/en-us/support/advisory.PN1015.html
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?9d68ca89");
  script_set_attribute(attribute:"solution", value:
"Refer to the vendor advisory.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2017-14467");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2018/04/05");
  script_set_attribute(attribute:"patch_publication_date", value:"2018/04/05");
  script_set_attribute(attribute:"plugin_publication_date", value:"2022/02/07");

  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:rockwellautomation:micrologix_1400_b_firmware");
  script_set_attribute(attribute:"generated_plugin", value:"former");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Tenable.ot");

  script_copyright(english:"This script is Copyright (C) 2022-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("tenable_ot_api_integration.nasl");
  script_require_keys("Tenable.ot/Rockwell");

  exit(0);
}


include('tenable_ot_cve_funcs.inc');

get_kb_item_or_exit('Tenable.ot/Rockwell');

var asset = tenable_ot::assets::get(vendor:'Rockwell');

var vuln_cpes = {
    "cpe:/o:rockwellautomation:micrologix_1400_b_firmware" :
        {"versionEndIncluding" : "21.2", "family" : "MicroLogix1400"}
};

tenable_ot::cve::compare_and_report(asset:asset, cpes:vuln_cpes, severity:SECURITY_HOLE);

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo