Rockwell Automation Allen-Bradley MicroLogix programmable logic controllers (PLCs) do not adequately authenticate or authorize remote connections or commands. An attacker with network access can obtain the management password or issue commands that bypass the authentication mechanism.
Rockwell Automation Allen-Bradley MicroLogix PLCs do not adequately authenticate or authorize remote connections or commands. Two vulnerable behaviors have been reported:
These vulnerabilities have been reported in the MicroLogix 1100 PLC. Other products in the MicroLogix series may also be affected.
An attacker with network access to a controller could obtain the management password or issue commands that bypass the authentication mechanism. The attacker could disable the controller or change the configuration.
|Temporal||0||E:Not Defined (ND)/RL:Not Defined (ND)/RC:Not Defined (ND)|
|Environmental||0||CDP:Not Defined (ND)/TD:Not Defined (ND)/CR:Not Defined (ND)/IR:Not Defined (ND)/AR:Not Defined (ND)|
Thanks to Eyal Udassin of C4 Security for researching and reporting these vulnerabilities. Thanks also to Rockwell Automation for providing technical assistance and developing mitigation techniques.
This document was written by Art Manion.
|Date First Published:||2010-01-20|
|Date Last Updated:||2010-06-03 19:38 UTC|