CVE-2017-12090
 
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
An exploitable denial of service vulnerability exists in the processing of snmp-set commands of the Allen Bradley Micrologix 1400 Series B FRN 21.2 and below. A specially crafted snmp-set request, when sent without associated firmware flashing snmp-set commands, can cause a device power cycle resulting in downtime for the device. An attacker can send one packet to trigger this vulnerability.
Existe una vulnerabilidad explotable de denegación de servicio (DoS) en el procesamiento de comandos snmp-set de Allen Bradley Micrologix 1400 Series B FRN, en versiones 21.2 y anteriores. Una petición snmp-set especialmente manipulada, cuando se envía sin comandos snmp-set asociados al flasheo de firmware, puede provocar un ciclo de energía del dispositivo que resulta en tiempo de inactividad para el dispositivo. Un atacante puede enviar un paquete para provocar esta vulnerabilidad.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2017-07-31 CVE Reserved
- 2018-04-05 CVE Published
- 2024-02-08 EPSS Updated
- 2024-09-16 CVE Updated
- 2024-09-16 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-400: Uncontrolled Resource Consumption
CAPEC
References (1)
URL | Tag | Source |
---|
URL | Date | SRC |
---|---|---|
https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0442 | 2024-09-16 |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Rockwellautomation Search vendor "Rockwellautomation" | Micrologix 1400 B Firmware Search vendor "Rockwellautomation" for product "Micrologix 1400 B Firmware" | <= 21.2 Search vendor "Rockwellautomation" for product "Micrologix 1400 B Firmware" and version " <= 21.2" | - |
Affected
| in | Rockwellautomation Search vendor "Rockwellautomation" | Micrologix 1400 Search vendor "Rockwellautomation" for product "Micrologix 1400" | - | - |
Safe
|