Unknown
CVE-2018-17924
CVE ID
AttackerKB requires a CVE ID in order to pull vulnerability data and references from the CVE list and the National Vulnerability Database. If available, please supply below:
Add References:
CVE-2018-17924
MITRE ATT&CK
Collection
Command and Control
Credential Access
Defense Evasion
Discovery
Execution
Exfiltration
Impact
Initial Access
Lateral Movement
Persistence
Privilege Escalation
Topic Tags
Description
Rockwell Automation MicroLogix 1400 Controllers and 1756 ControlLogix Communications Modules An unauthenticated, remote threat actor could send a CIP connection request to an affected device, and upon successful connection, send a new IP configuration to the affected device even if the controller in the system is set to Hard RUN mode. When the affected device accepts this new IP configuration, a loss of communication occurs between the device and the rest of the system as the system traffic is still attempting to communicate with the device via the overwritten IP address.
Add Assessment
No one has assessed this topic. Be the first to add your voice to the community.
CVSS V3 Severity and Metrics
General Information
Vendors
Products
- 1756-en2f series a firmware -,
- 1756-en2f series b firmware -,
- 1756-en2f series c firmware,
- 1756-en2t series a firmware -,
- 1756-en2t series b firmware -,
- 1756-en2t series c firmware -,
- 1756-en2t series d firmware,
- 1756-en2tr series a firmware -,
- 1756-en2tr series b firmware -,
- 1756-en2tr series c firmware,
- 1756-en3tr series a firmware -,
- 1756-en3tr series b firmware,
- 1756-enbt firmware -,
- 1756-eweb series a firmware -,
- 1756-eweb series b firmware -,
- micrologix 1400 firmware -
References
Miscellaneous
Additional Info
Technical Analysis
Report as Emergent Threat Response
Report as Zero-day Exploit
Report as Exploited in the Wild
CVE ID
AttackerKB requires a CVE ID in order to pull vulnerability data and references from the CVE list and the National Vulnerability Database. If available, please supply below:
