Vulnerability Note VU#144233
Rockwell Automation Allen-Bradley MicroLogix PLC authentication and authorization vulnerabilities
Rockwell Automation Allen-Bradley MicroLogix programmable logic controllers (PLCs) do not adequately authenticate or authorize remote connections or commands. An attacker with network access can obtain the management password or issue commands that bypass the authentication mechanism.
Rockwell Automation Allen-Bradley MicroLogix PLCs do not adequately authenticate or authorize remote connections or commands. Two vulnerable behaviors have been reported:
These vulnerabilities have been reported in the MicroLogix 1100 PLC. Other products in the MicroLogix series may also be affected.
An attacker with network access to a controller could obtain the management password or issue commands that bypass the authentication mechanism. The attacker could disable the controller or change the configuration.
Systems Affected (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|Rockwell Automation||Affected||04 Sep 2009||03 Jun 2010|
CVSS Metrics (Learn More)
Thanks to Eyal Udassin of C4 Security for researching and reporting these vulnerabilities. Thanks also to Rockwell Automation for providing technical assistance and developing mitigation techniques.
This document was written by Art Manion.
- CVE IDs: CVE-2009-3739
- Date Public: 18 Dec 2009
- Date First Published: 19 Jan 2010
- Date Last Updated: 03 Jun 2010
- Severity Metric: 8.91
- Document Revision: 23
If you have feedback, comments, or additional information about this vulnerability, please send us email.