SB2018032825 - Multiple vulnerabilities in Rockwell Automation MicroLogix
Published: March 28, 2018
Security Bulletin ID
SB2018032825
Severity
High
Patch available
YES
Number of vulnerabilities
6
Exploitation vector
Remote access
Highest impact
Code execution
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 6 secuirty vulnerabilities.
1) Improper authentication (CVE-ID: CVE-2017-12088)
The vulnerability allows a remote unauthenticated attacker to cause DoS condition on the target system.The weakness exists in the Ethernet functionality due to improper authentication. A remote attacker can submit a specially crafted packet and cause the service to crash.
2) Improper authentication (CVE-ID: CVE-2017-12089)
The vulnerability allows a remote unauthenticated attacker to cause DoS condition on the target system.The weakness exists in the program download functionality due to improper authentication. A remote attacker can submit a specially crafted packet that does not indicate the download is complete to the controller during the standard download process and cause the service to crash.
3) Improper authentication (CVE-ID: CVE-2017-12090)
The vulnerability allows a remote unauthenticated attacker to cause DoS condition on the target system.The weakness exists in the processing of snmp-set commands due to improper authentication. A remote attacker can submit a specially crafted snmp-set request without associated SNMP-set commands for firmware flashing and cause the service to crash.
4) Improper authentication (CVE-ID: N/A)
The vulnerability allows a remote unauthenticated attacker to execute arbitrary code on the target system.The weakness exists due to improper authentication. A remote attacker can submit a specially crafted packet and execute arbitrary code.
Successful exploitation of the vulnerability may result in system compromise.
5) Improper authentication (CVE-ID: CVE-2017-12092)
The vulnerability allows a remote unauthenticated attacker to write arbitrary files on the target system.The weakness exists in the memory module functionality due to improper authentication. A remote attacker can submit a specially crafted packet and write arbitrary files.
6) Improper authentication (CVE-ID: CVE-2017-12093)
The vulnerability allows a remote unauthenticated attacker to cause DoS condition on the target system.The weakness exists in the session communication functionality due to improper authentication. A remote attacker can submit a specially crafted stream of packets that trigger a flood of the session resource pool and cause the service to crash.
Remediation
Install update from vendor's website.
References
- https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0440
- https://ics-cert.us-cert.gov/advisories/ICSA-18-095-01
- https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0441
- https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0442
- https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0443
- https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0444
- https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0445