Detections
Analytics
Rockwell Automation/Allen-Bradley MicroLogix 1100 Multiple Devices Buffer Overflow
critical Nessus Network Monitor Plugin ID 720076
Synopsis
Stack-based buffer overflow on Rockwell Automation Allen-Bradley MicroLogix 1100 devices allows remote attackers to execute arbitrary code.Description
Stack-based buffer overflow on Rockwell Automation Allen-Bradley MicroLogix 1100 devices A through 15.000 and B before 15.002 allows remote attackers to execute arbitrary code via a crafted web request.Solution
Perform vendor recommended mitigations and apply available vendor upgrades.See Also
http://www.securitytracker.com/id/1034861,https://ics-cert.us-cert.gov/advisories/ICSA-16-026-02
Plugin Details
Severity: Critical
ID: 720076
Family: SCADA
Published: 5/8/2019
Updated: 9/30/2019
Risk Information
VPR
Risk Factor: Medium
Score: 5.9
CVSS v2
Risk Factor: Critical
Base Score: 10
Temporal Score: 7.4
Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS v3
Risk Factor: Critical
Base Score: 9.8
Temporal Score: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
Vulnerability Information
Patch Publication Date: 1/26/2016
Vulnerability Publication Date: 1/26/2016
Reference Information
CVE: CVE-2016-0868