Summary
Detail | |||
---|---|---|---|
Vendor | Rockwellautomation | First view | 2018-12-07 |
Product | 1756-Enbt Firmware | Last view | 2018-12-07 |
Version | Type | ||
Update | |||
Edition | |||
Language | |||
Sofware Edition | |||
Target Software | |||
Target Hardware | |||
Other |
Activity : Overall
COMMON PLATFORM ENUMERATION: Repartition per Version
CPE Name | Affected CVE |
---|---|
cpe:2.3:o:rockwellautomation:1756-enbt_firmware:-:*:*:*:*:*:*:* | 1 |
Related : CVE
Date | Alert | Description | |
---|---|---|---|
8.6 | 2018-12-07 | CVE-2018-17924 | Rockwell Automation MicroLogix 1400 Controllers and 1756 ControlLogix Communications Modules An unauthenticated, remote threat actor could send a CIP connection request to an affected device, and upon successful connection, send a new IP configuration to the affected device even if the controller in the system is set to Hard RUN mode. When the affected device accepts this new IP configuration, a loss of communication occurs between the device and the rest of the system as the system traffic is still attempting to communicate with the device via the overwritten IP address. |
CWE : Common Weakness Enumeration
% | id | Name |
---|---|---|
100% (1) | CWE-306 | Missing Authentication for Critical Function |