Denial of Service Vulnerability in Rockwell Automation MicroLogix Controllers
CVE-2014-5410

Currently unrated

Key Information:

Vendor: Rockwell Automation
Status: Allen-bradley Micrologix 1400
Vendor: CVE Published:; 3 October 2014

🔔 Create Rockwell Automation Vulnerability Alert

What is CVE-2014-5410?

The DNP3 feature on specific Rockwell Automation MicroLogix 1400 controllers is susceptible to a remote denial of service attack. Attackers can exploit this vulnerability by sending specially crafted packets over an Ethernet network or a serial line, leading to process disruptions and potential loss of control system functionality. This poses significant risks to industrial applications relying on these controllers, as operational continuity may be severely impacted.

Affected Version(s)

Allen-Bradley MicroLogix 1400 0 <= 1766-Lxxxxx Series A FRN 7

Allen-Bradley MicroLogix 1400 0 <= 1766-Lxxxxx Series B FRN 15.000

Allen-Bradley MicroLogix 1400 Series B FRN 15.001 or higher

References

https://rockwellautomation.custhelp.com/app/answers/detai...

https://www.cisa.gov/news-events/ics-advisories/icsa-14-2...

https://github.com/cisagov/CSAF/blob/develop/csaf_files/O...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 3, 2014
Vulnerability Reserved
Aug 22, 2014

JSON