Vulnerability Details: CVE-2017-7924
Public exploit exists!
An Improper Input Validation issue was discovered in Rockwell Automation MicroLogix 1100 controllers 1763-L16BWA, 1763-L16AWA, 1763-L16BBB, and 1763-L16DWD. A remote, unauthenticated attacker could send a single, specially crafted Programmable Controller Communication Commands (PCCC) packet to the controller that could potentially cause the controller to enter a DoS condition.
Vulnerability category: Input validation, Denial of service
Products affected by CVE-2017-7924
- cpe:2.3:o:rockwellautomation:1763-l16bwa_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:rockwellautomation:1763-l16awa_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:rockwellautomation:1763-l16bbb_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:rockwellautomation:1763-l16dwd_firmware:-:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2017-7924
- 3.35%: Probability of exploitation activity in the next 30 days
- ~ 91%: Percentile, the proportion of vulnerabilities that are scored at or less
Metasploit modules for CVE-2017-7924
- DoS Exploitation of Allen-Bradley's Legacy Protocol (PCCC)
  First seen: 2020-04-26
  Module: auxiliary/dos/scada/allen_bradley_pccc
  A remote, unauthenticated attacker could send a single, specially crafted Programmable Controller Communication Commands (PCCC) packet to the controller that could potentially cause the controller to enter a DoS condition. MicroLogix 1100 controllers are affected: 17
CVSS scores for CVE-2017-7924
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.0 | MEDIUM | AV:N/AC:L/Au:N/C:N/I:N/A:P | 10.0 | 2.9 | NIST | |
7.5 | HIGH | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 | NIST | |
CWE ids for CVE-2017-7924
- The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
  Assigned by:
  - ics-cert@hq.dhs.gov (Secondary)
  - nvd@nist.gov (Primary)
References for CVE-2017-7924
- http://www.securityfocus.com/bid/99622
  Rockwell Automation MicroLogix 1100 CVE-2017-7924 Remote Denial of Service Vulnerability (Third Party Advisory; VDB Entry)
- https://ics-cert.us-cert.gov/advisories/ICSA-17-138-03
  Rockwell Automation MicroLogix 1100 Controllers | CISA (Mitigation; Third Party Advisory; US Government Resource)