|2018-01-09||Other||Rockwell Automation||Thiago Alves of the University of Alabama reported the vulnerability to Rockwell Automation and ICS-CERT.||N/A||CVE-2017-1674 ||N/A||N/A||N/A|
# Rockwell Automation Allen-Bradley MicroLogix 1400 Controllers
### VULNERABLE VENDOR
Rockwell Automation
### VULNERABLE PRODUCT
Allen-Bradley MicroLogix 1400 Controllers
Thiago Alves of the University of Alabama reported the vulnerability to Rockwell Automation and ICS-CERT.
### AFFECTED PRODUCTS
The following versions of MicroLogix 1400 Controllers, a PLC, are affected:
MicroLogix 1400 Controllers, Series B and C Versions 21.002 and earlier
Rockwell Automation reports that the following catalogs are affected:
Successful exploitation of this vulnerability could cause the device that the attacker is accessing to become unresponsive to Modbus TCP communications and affect the availability of the device.
### VULNERABILITY OVERVIEW
BUFFER COPY WITHOUT CHECKING SIZE OF INPUT ('CLASSIC BUFFER OVERFLOW') CWE-120
A stack-based buffer overflow vulnerability has been identified, which may allow remote code execution.
CVE-2017-16740 has been assigned to this vulnerability.
A CVSS v3 base score of 8.6 has been assigned; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H).
Critical Infrastructure Sector(s): Critical Manufacturing, Food and Agriculture, and Water and Wastewater Systems.
Countries/Areas Deployed: Worldwide
Company Headquarters Location: Wisconsin
Rockwell Automation encourages affected users to upgrade to the latest version of available firmware, FRN 21.003, which can be obtained from:
To mitigate the vulnerability, Rockwell Automation also suggests disabling Modbus TCP if it is not necessary in the implementation of the device.
For more information, Rockwell Automation has released a security bulletin that can be accessed using valid credentials at: