{ "containers": { "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Allen-Bradley MicroLogix 1400", "vendor": "Rockwell Automation", "versions": [ { "lessThanOrEqual": "1766-Lxxxxx Series A FRN 7", "status": "affected", "version": "0", "versionType": "custom" }, { "lessThanOrEqual": "1766-Lxxxxx Series B FRN 15.000", "status": "affected", "version": "0", "versionType": "custom" }, { "status": "unaffected", "version": "Series B FRN 15.001 or higher" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "Matthew Luallen of CYBATI" } ], "datePublic": "2014-09-30T06:00:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "
The DNP3 feature on Rockwell Automation Allen-Bradley MicroLogix 1400 1766-Lxxxxx A FRN controllers 7 and earlier and 1400 1766-Lxxxxx B FRN controllers before 15.001 allows remote attackers to cause a denial of service (process disruption) via malformed packets over (1) an Ethernet network or (2) a serial line.
" } ], "value": "The DNP3 feature on Rockwell Automation Allen-Bradley MicroLogix 1400 1766-Lxxxxx A FRN controllers 7 and earlier and 1400 1766-Lxxxxx B FRN controllers before 15.001 allows remote attackers to cause a denial of service (process disruption) via malformed packets over (1) an Ethernet network or (2) a serial line." } ], "metrics": [ { "cvssV2_0": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.1, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-20", "description": "CWE-20", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert", "dateUpdated": "2025-11-04T22:30:19.113Z" }, "references": [ { "url": "https://rockwellautomation.custhelp.com/app/answers/detail/a_id/620295" }, { "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-14-254-02" }, { "url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2014/icsa-14-254-02.json" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Rockwell Automation has released a new version of MicroLogix 1400 \nSeries B firmware to address the vulnerability and reduce associated \nrisk to successful exploitation. Subsequent versions of MicroLogix 1400 \nSeries B firmware and newer will incorporate these same enhancements.
\nRockwell Automation recommends the following immediate mitigation \nstrategies (when possible, multiple strategies should be employed \nsimultaneously):
\nhttp://www.rockwellautomation.com/rockwellautomation/support/pcdc.page
\n\n\nPlease refer to Rockwell Automation’s product disclosure (AID 620295) for more information on this topic available at:
\nhttps://rockwellautomation.custhelp.com/app/answers/detail/a_id/620295
\n\nUsers with Series A and Series B controllers are also recommended to apply the following risk mitigations:
\n*Note: Ports 20000/TCP and 20000/UDP are factory defaults \nas per the DNP3 specification but can be reconfigured by the product \nowner.
\nPlease refer to Rockwell Automation’s product disclosure (AID 620295) for more information on this topic available at:
\nhttps://rockwellautomation.custhelp.com/app/answers/detail/a_id/620295
\n\n