Products

Solutions

Company

Book A Live Demo

CVE-2017-12093 : Security Advisory and Response

Learn about CVE-2017-12093, a vulnerability in Allen Bradley Micrologix 1400 Series B Firmware that can lead to a denial of service attack. Find out the impact, affected systems, exploitation mechanism, and mitigation steps.

A vulnerability in the session communication feature of Allen Bradley Micrologix 1400 Series B Firmware 21.2 and earlier versions can lead to a denial of service attack by exhausting the session resource pool.

Understanding CVE-2017-12093

This CVE involves a vulnerability in Allen Bradley Micrologix 1400 Series B Firmware that can be exploited to disrupt legitimate connections to the PLC.

What is CVE-2017-12093?

The vulnerability allows attackers to disrupt legitimate connections to the PLC by sending specially crafted packets, causing excessive usage of the session resource pool.

The Impact of CVE-2017-12093

CVSS Base Score

Attack Vector

Attack Complexity

Availability Impact

Scope

Privileges Required

User Interaction

Confidentiality Impact

Integrity Impact

Technical Details of CVE-2017-12093

This section provides detailed technical information about the vulnerability.

Vulnerability Description

The vulnerability exists in the session communication functionality of Allen Bradley Micrologix 1400 Series B Firmware 21.2 and earlier.

Attackers can disrupt legitimate connections by flooding the session resource pool with crafted packets.

Affected Systems and Versions

Affected Product

Vendor

Affected Versions

Allen Bradley Micrologix 1400 Series B FRN 21.2

Allen Bradley Micrologix 1400 Series B FRN 21.0

Allen Bradley Micrologix 1400 Series B FRN 15

Exploitation Mechanism

Attackers exploit the vulnerability by sending packets without authentication, triggering excessive resource pool usage.

Mitigation and Prevention

Protecting systems from CVE-2017-12093 requires immediate actions and long-term security practices.

Immediate Steps to Take

Apply vendor-supplied patches promptly.

Implement network segmentation to limit exposure.

Monitor network traffic for any unusual patterns.

Long-Term Security Practices

Regularly update and patch all software and firmware.

Conduct security assessments and penetration testing.

Patching and Updates

Stay informed about security updates from the vendor.

Apply patches as soon as they are released to mitigate the vulnerability.

CVE-2017-12093 : Security Advisory and Response

Understanding CVE-2017-12093

What is CVE-2017-12093?

The Impact of CVE-2017-12093

Technical Details of CVE-2017-12093

Vulnerability Description

Affected Systems and Versions

Exploitation Mechanism

Mitigation and Prevention

Immediate Steps to Take

Long-Term Security Practices

Patching and Updates

Popular CVEs

CVE Id

Published Date

Is your System Free of Underlying Vulnerabilities?
Find Out Now

CVE-2017-12093 : Security Advisory and Response

.css-lczsrn{margin:0;font-family:Inter;font-weight:400;font-size:1.2857142857142858rem;line-height:1.5;color:#161857;text-align:left;font-size:24px;font-weight:700;margin-top:1rem;font-family:sans-serif;}Understanding CVE-2017-12093

.css-ru2q5j{margin:0;font-family:Inter;font-weight:400;font-size:1.2857142857142858rem;line-height:1.5;color:#161857;text-align:left;font-size:1.2rem;font-weight:700;margin-top:1rem;margin-bottom:0rem;font-family:sans-serif;}What is CVE-2017-12093?

The Impact of CVE-2017-12093

Technical Details of CVE-2017-12093

Vulnerability Description

Affected Systems and Versions

Exploitation Mechanism

Mitigation and Prevention

Immediate Steps to Take

Long-Term Security Practices

Patching and Updates

Popular CVEs

CVE Id

Published Date

Is your System Free of Underlying Vulnerabilities? Find Out Now

Understanding CVE-2017-12093

What is CVE-2017-12093?

Is your System Free of Underlying Vulnerabilities?
Find Out Now