Design/Logic Flaw

2013-01-2421:55:00

PRIOn knowledge base

www.prio-n.com

7.1 High

AI Score

Confidence

High

0.029 Low

EPSS

Percentile

90.9%

JSON

Rockwell Automation EtherNet/IP products; 1756-ENBT, 1756-EWEB, 1768-ENBT, and 1768-EWEB communication modules; CompactLogix L32E and L35E controllers; 1788-ENBT FLEXLogix adapter; 1794-AENTR FLEX I/O EtherNet/IP adapter; ControlLogix 18 and earlier; CompactLogix 18 and earlier; GuardLogix 18 and earlier; SoftLogix 18 and earlier; CompactLogix controllers 19 and earlier; SoftLogix controllers 19 and earlier; ControlLogix controllers 20 and earlier; GuardLogix controllers 20 and earlier; and MicroLogix 1100 and 1400 allow remote attackers to cause a denial of service (control and communication outage) via a CIP message that specifies a reset.

CPENameOperatorVersion
compactlogix_controllers_firmwareeq19
compactlogix_firmwareeq18
controllogix_controllers_firmwareeq20
controllogix_firmwareeq18
guardlogix_controllers_firmwareeq20
guardlogix_firmwareeq18
softlogix_controllers_firmwareeq19
softlogix_firmwareeq18

Name	Operator	Version
compactlogix_controllers_firmware	eq	19
compactlogix_firmware	eq	18
controllogix_controllers_firmware	eq	20
controllogix_firmware	eq	18
guardlogix_controllers_firmware	eq	20
guardlogix_firmware	eq	18
softlogix_controllers_firmware	eq	19
softlogix_firmware	eq	18