Sign-up

ID

VAR-201812-0141


CVE

CVE-2018-17924


TITLE

Rockwell Automation MicroLogix 1400 Controllers and 1756 ControlLogix Communications Modules Vulnerabilities related to lack of authentication for critical functions

Trust: 0.8

sources: JVNDB: JVNDB-2018-013002

DESCRIPTION

Rockwell Automation MicroLogix 1400 Controllers and 1756 ControlLogix Communications Modules An unauthenticated, remote threat actor could send a CIP connection request to an affected device, and upon successful connection, send a new IP configuration to the affected device even if the controller in the system is set to Hard RUN mode. When the affected device accepts this new IP configuration, a loss of communication occurs between the device and the rest of the system as the system traffic is still attempting to communicate with the device via the overwritten IP address. Rockwell Automation MicroLogix 1400 Controllers and 1756 ControlLogix Communications Modules Is vulnerable to a lack of authentication for critical functions.Service operation interruption (DoS) There is a possibility of being put into a state. Rockwell Automation MicroLogix 1400 Controllers Series A, etc. are programmable logic controllers of Rockwell Automation in the United States. An attacker can exploit this issue to modify system settings to cause a denial-of-service condition. The following products are vulnerable: MicroLogix 1400 Controllers 1756 ControlLogix EtherNet/IP Communications Modules. The following products and versions are affected: MicroLogix 1400 Controllers Series A (all versions), Series B 21.003 and earlier, Series C 21.003 and earlier; 1756-ENBT (all versions), 1756-EWEB Series A (all versions), 1756 -EWEB Series B (all versions), 1756-EN2F Series A (all versions), 1756-EN2F Series B (all versions), 1756-EN2F Series C 10.10 and earlier, 1756-EN2T Series A (all versions), 1756 -EN2T Series B (all versions), 1756-EN2T Series C (all versions), 1756-EN2T 10.10 and earlier, 1756-EN2TR Series A (all versions), 1756-EN2TR Series B (all versions), Series C 10.10 1756-EN3TR Series A (all versions), 1756-EN3TR Series B 10.10 and earlier (1756 ControlLogix EtherNet/IP communication module)

Trust: 2.52

sources: NVD: CVE-2018-17924 // JVNDB: JVNDB-2018-013002 // CNVD: CNVD-2020-38702 // BID: 106132 // VULHUB: VHN-128432

IOT TAXONOMY

category:['ICS', 'Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2020-38702

AFFECTED PRODUCTS

vendor:rockwellautomationmodel:1756-en2t series bscope:eqversion: -

Trust: 1.6

vendor:rockwellautomationmodel:1756-en2t series ascope:eqversion: -

Trust: 1.6

vendor:rockwellautomationmodel:1756-en2tr series bscope:eqversion: -

Trust: 1.6

vendor:rockwellautomationmodel:1756-en3tr series ascope:eqversion: -

Trust: 1.6

vendor:rockwellautomationmodel:1756-en2tr series ascope:eqversion: -

Trust: 1.6

vendor:rockwellautomationmodel:1756-en2t series cscope:eqversion: -

Trust: 1.6

vendor:rockwellautomationmodel:micrologix 1400scope:eqversion: -

Trust: 1.0

vendor:rockwellautomationmodel:1756-en3tr series bscope:lteversion:10.10

Trust: 1.0

vendor:rockwellautomationmodel:1756-en2f series bscope:eqversion: -

Trust: 1.0

vendor:rockwellautomationmodel:1756-eweb series ascope:eqversion: -

Trust: 1.0

vendor:rockwellautomationmodel:1756-en2tr series cscope:lteversion:10.10

Trust: 1.0

vendor:rockwellautomationmodel:1756-en2t series dscope:lteversion:10.10

Trust: 1.0

vendor:rockwellautomationmodel:1756-eweb series bscope:eqversion: -

Trust: 1.0

vendor:rockwellautomationmodel:1756-en2f series cscope:lteversion:10.10

Trust: 1.0

vendor:rockwellautomationmodel:1756-en2f series ascope:eqversion: -

Trust: 1.0

vendor:rockwellautomationmodel:1756-enbtscope:eqversion: -

Trust: 1.0

vendor:rockwell automationmodel:1756-en2f seriesscope: - version: -

Trust: 0.8

vendor:rockwell automationmodel:1756-en2t seriesscope: - version: -

Trust: 0.8

vendor:rockwell automationmodel:1756-en2tr seriesscope: - version: -

Trust: 0.8

vendor:rockwell automationmodel:1756-en3tr seriesscope: - version: -

Trust: 0.8

vendor:rockwell automationmodel:1756-enbtscope: - version: -

Trust: 0.8

vendor:rockwell automationmodel:1756-eweb seriesscope: - version: -

Trust: 0.8

vendor:rockwell automationmodel:micrologix 1400scope: - version: -

Trust: 0.8

vendor:rockwellmodel:automation micrologix controllers series ascope:eqversion:1400

Trust: 0.6

vendor:rockwellmodel:automation series bscope:lteversion:<=21.003

Trust: 0.6

vendor:rockwellmodel:automation series cscope:lteversion:<=21.003

Trust: 0.6

vendor:rockwellmodel:automation 1756-en2f series cscope:lteversion:<=10.10

Trust: 0.6

vendor:rockwellmodel:automation 1756-en2f series bscope: - version: -

Trust: 0.6

vendor:rockwellmodel:automation 1756-en2f series ascope: - version: -

Trust: 0.6

vendor:rockwellmodel:automation 1756-eweb series bscope: - version: -

Trust: 0.6

vendor:rockwellmodel:automation 1756-eweb series ascope: - version: -

Trust: 0.6

vendor:rockwellmodel:automation 1756-enbtscope: - version: -

Trust: 0.6

vendor:rockwellmodel:automation 1756-en2tr series ascope: - version: -

Trust: 0.6

vendor:rockwellmodel:automation 1756-en2tr series bscope: - version: -

Trust: 0.6

vendor:rockwellmodel:automation series cscope:lteversion:<=10.10

Trust: 0.6

vendor:rockwellmodel:automation 1756-en3tr series ascope: - version: -

Trust: 0.6

vendor:rockwellmodel:automation 1756-en3tr series bscope:lteversion:<=10.10

Trust: 0.6

vendor:rockwellautomationmodel:1756-en2f series cscope:eqversion:10.10

Trust: 0.6

vendor:rockwellautomationmodel:1756-en2tr series cscope:eqversion:10.10

Trust: 0.6

vendor:rockwellautomationmodel:1756-en3tr series bscope:eqversion:10.10

Trust: 0.6

vendor:rockwellautomationmodel:1756-en2t series dscope:eqversion:10.10

Trust: 0.6

vendor:rockwellmodel:automation 1756-en3tr series bscope:eqversion:10.10

Trust: 0.3

vendor:rockwellmodel:automation 1756-en3tr series ascope:eqversion:0

Trust: 0.3

vendor:rockwellmodel:automation 1756-en2tr series cscope:eqversion:10.10

Trust: 0.3

vendor:rockwellmodel:automation 1756-en2tr series bscope:eqversion:0

Trust: 0.3

vendor:rockwellmodel:automation 1756-en2tr series ascope:eqversion:0

Trust: 0.3

vendor:rockwellmodel:automation 1756-en2t series bscope:eqversion:0

Trust: 0.3

vendor:rockwallmodel:automation micrologix controllers series cscope:eqversion:140021.003

Trust: 0.3

vendor:rockwallmodel:automation micrologix controllers series bscope:eqversion:140021.003

Trust: 0.3

vendor:rockwallmodel:automation micrologix controllers series ascope:eqversion:14000

Trust: 0.3

vendor:rockwallmodel:automation 1756-eweb series ascope:eqversion:0

Trust: 0.3

vendor:rockwallmodel:automation 1756-en2t series dscope:eqversion:10.10

Trust: 0.3

vendor:rockwallmodel:automation 1756-en2t series cscope:eqversion:0

Trust: 0.3

vendor:rockwallmodel:automation 1756-en2t series ascope:eqversion:0

Trust: 0.3

vendor:rockwallmodel:automation 1756-en2f series cscope:eqversion:10.10

Trust: 0.3

vendor:rockwallmodel:automation 1756-en2f series bscope:eqversion:0

Trust: 0.3

vendor:rockwallmodel:automation 1756-en2f series ascope:eqversion:0

Trust: 0.3

vendor:rockwallmodel:automation controllogix ethernet/ip communications modulesscope:eqversion:17560

Trust: 0.3

vendor:rockwellmodel:automation micrologix controllers 1766-lxxx series b frnscope:neversion:140021.004

Trust: 0.3

vendor:rockwellmodel:automation controllogix ethernet/ip communications modules frnscope:neversion:175611.001

Trust: 0.3

sources: CNVD: CNVD-2020-38702 // BID: 106132 // JVNDB: JVNDB-2018-013002 // CNNVD: CNNVD-201812-279 // NVD: CVE-2018-17924

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-17924
value: HIGH

Trust: 1.0

NVD: CVE-2018-17924
value: HIGH

Trust: 0.8

CNVD: CNVD-2020-38702
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201812-279
value: HIGH

Trust: 0.6

VULHUB: VHN-128432
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2018-17924
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2020-38702
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-128432
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2018-17924
baseSeverity: HIGH
baseScore: 8.6
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 4.0
version: 3.1

Trust: 1.0

NVD: CVE-2018-17924
baseSeverity: HIGH
baseScore: 8.6
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2020-38702 // VULHUB: VHN-128432 // JVNDB: JVNDB-2018-013002 // CNNVD: CNNVD-201812-279 // NVD: CVE-2018-17924

PROBLEMTYPE DATA

problemtype:CWE-306

Trust: 1.9

sources: VULHUB: VHN-128432 // JVNDB: JVNDB-2018-013002 // NVD: CVE-2018-17924

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201812-279

TYPE

access control error

Trust: 0.6

sources: CNNVD: CNNVD-201812-279

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2018-013002

PATCH
title:Top Pageurl:https://www.rockwellautomation.com/global/overview.page
Trust: 0.8
title:Patch for Multiple Rockwell Automation products denial of service vulnerabilitiesurl:https://www.cnvd.org.cn/patchInfo/show/225433
Trust: 0.6
title:Multiple Rockwell Automation Product security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=87546
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2020-38702 // 
            
            
            
            JVNDB: JVNDB-2018-013002 // 
            
            
            
            CNNVD: CNNVD-201812-279

EXTERNAL IDS
db:NVDid:CVE-2018-17924
Trust: 3.4
db:ICS CERTid:ICSA-18-310-02
Trust: 2.8
db:BIDid:106132
Trust: 2.6
db:JVNDBid:JVNDB-2018-013002
Trust: 0.8
db:CNVDid:CNVD-2020-38702
Trust: 0.7
db:CNNVDid:CNNVD-201812-279
Trust: 0.7
db:SEEBUGid:SSVID-98844
Trust: 0.1
db:VULHUBid:VHN-128432
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2020-38702 // 
            
            
            
            VULHUB: VHN-128432 // 
            
            
            
            BID: 106132 // 
            
            
            
            JVNDB: JVNDB-2018-013002 // 
            
            
            
            CNNVD: CNNVD-201812-279 // 
            
            
            
            NVD: CVE-2018-17924

REFERENCES
url:https://ics-cert.us-cert.gov/advisories/icsa-18-310-02
Trust: 2.8
url:http://www.securityfocus.com/bid/106132
Trust: 1.7
url:https://nvd.nist.gov/vuln/detail/cve-2018-17924
Trust: 1.4
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-17924
Trust: 0.8
url:http://www.rockwellautomation.com/
Trust: 0.3
sources:
            
            
            CNVD: CNVD-2020-38702 // 
            
            
            
            VULHUB: VHN-128432 // 
            
            
            
            BID: 106132 // 
            
            
            
            JVNDB: JVNDB-2018-013002 // 
            
            
            
            CNNVD: CNNVD-201812-279 // 
            
            
            
            NVD: CVE-2018-17924

CREDITS
David Noren
Trust: 0.3
sources:
            
            
            BID: 106132

SOURCES
db:CNVDid:CNVD-2020-38702
db:VULHUBid:VHN-128432
db:BIDid:106132
db:JVNDBid:JVNDB-2018-013002
db:CNNVDid:CNNVD-201812-279
db:NVDid:CVE-2018-17924

LAST UPDATE DATE
2024-11-23T22:45:08.644000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2020-38702date:2020-07-14T00:00:00
db:VULHUBid:VHN-128432date:2019-10-09T00:00:00
db:BIDid:106132date:2018-12-06T00:00:00
db:JVNDBid:JVNDB-2018-013002date:2019-02-13T00:00:00
db:CNNVDid:CNNVD-201812-279date:2019-10-17T00:00:00
db:NVDid:CVE-2018-17924date:2024-11-21T03:55:13.093

SOURCES RELEASE DATE
db:CNVDid:CNVD-2020-38702date:2020-07-14T00:00:00
db:VULHUBid:VHN-128432date:2018-12-07T00:00:00
db:BIDid:106132date:2018-12-06T00:00:00
db:JVNDBid:JVNDB-2018-013002date:2019-02-13T00:00:00
db:CNNVDid:CNNVD-201812-279date:2018-12-07T00:00:00
db:NVDid:CVE-2018-17924date:2018-12-07T14:29:00.663