CVE-2017-7924
Last modified
CVE-2017-7924 is a vulnerability of currently unknown severity. An Improper Input Validation issue was discovered in Rockwell Automation MicroLogix 1100 controllers 1763-L16BWA, 1763-L16AWA, 1763-L16BBB, and 1763-L16DWD. A remote, unauthenticated attacker could send a single, specially crafted Programmable Controller Communication Commands (PCCC) packet to the controller that could potentially cause the controller to enter a DoS condition.. EPSS estimates a 22.18% chance of exploitation in the next 30 days.
Description
An Improper Input Validation issue was discovered in Rockwell Automation MicroLogix 1100 controllers 1763-L16BWA, 1763-L16AWA, 1763-L16BBB, and 1763-L16DWD. A remote, unauthenticated attacker could send a single, specially crafted Programmable Controller Communication Commands (PCCC) packet to the controller that could potentially cause the controller to enter a DoS condition.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Rockwellautomation | 1763-L16bwa Firmware | All versions |
| Rockwellautomation | 1763-L16awa Firmware | All versions |
| Rockwellautomation | 1763-L16bbb Firmware | All versions |
| Rockwellautomation | 1763-L16dwd Firmware | All versions |
References
- http://www.securityfocus.com/bid/99622Third Party Advisory, VDB Entry
- https://ics-cert.us-cert.gov/advisories/ICSA-17-138-03Mitigation, Third Party Advisory, US Government Resource
- http://www.securityfocus.com/bid/99622Third Party Advisory, VDB Entry
- https://ics-cert.us-cert.gov/advisories/ICSA-17-138-03Mitigation, Third Party Advisory, US Government Resource
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2017-7924?
How severe is CVE-2017-7924?
How do I fix CVE-2017-7924?
Are you affected by CVE-2017-7924?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST