CVE-2018-17924

Published Dec 7, 2018
Last updated 3 years ago
CVSS high 8.6
Overview

Description: Rockwell Automation MicroLogix 1400 Controllers and 1756 ControlLogix Communications Modules An unauthenticated, remote threat actor could send a CIP connection request to an affected device, and upon successful connection, send a new IP configuration to the affected device even if the controller in the system is set to Hard RUN mode. When the affected device accepts this new IP configuration, a loss of communication occurs between the device and the rest of the system as the system traffic is still attempting to communicate with the device via the overwritten IP address.
Source: ics-cert@hq.dhs.gov
NVD status: Analyzed
Risk scores

CVSS 3.1

Type: Primary
Base score: 8.6
Impact score: 4
Exploitability score: 3.9
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Severity: HIGH
CVSS 2.0

Type: Primary
Base score: 7.8
Impact score: 6.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:N/I:N/A:C
Weaknesses

nvd@nist.gov: CWE-306
ics-cert@hq.dhs.gov: CWE-306
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:rockwellautomation:micrologix_1400_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "11507EFF-5C53-4217-9257-21936118C032"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:rockwellautomation:micrologix_1400:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "196EA0BE-FDF3-46BE-B3DA-5F49208C5D80"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:rockwellautomation:1756-enbt_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "321698DF-C035-45A7-84A7-503C9162330F"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:rockwellautomation:1756-enbt:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "330E9A05-C869-41B1-BB28-FD2A7C7ED0CE"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:rockwellautomation:1756-eweb_series_a_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A8B22952-CE7C-4324-BF4D-61131FE4B253"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:rockwellautomation:1756-eweb_series_a:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "045500B9-F371-4D33-9621-3E978606752D"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:rockwellautomation:1756-eweb_series_b_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5153E2F2-FC41-4BF0-B625-EA50C55A5329"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:rockwellautomation:1756-eweb_series_b:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "E4C4FF18-B699-4313-B504-F9C75816B512"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:rockwellautomation:1756-en2f_series_a_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0D4B3185-B776-46C4-B47F-CE48861A422B"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:rockwellautomation:1756-en2f_series_a:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "97AC710F-97B3-47A1-86EC-3148A21F16B2"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:rockwellautomation:1756-en2f_series_b_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7242493E-0B2A-4AF3-BF44-15D3D1DB0021"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:rockwellautomation:1756-en2f_series_b:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "FA49358A-F76E-4DEC-994C-B988DE38BF7F"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:rockwellautomation:1756-en2f_series_c_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "42555C87-3D2A-460F-85A4-626410C56731",
            "versionEndIncluding": "10.10"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:rockwellautomation:1756-en2f_series_c:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C6E5B08F-BD0C-4B3F-9897-61C945981CC6"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:rockwellautomation:1756-en2t_series_a_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B8E9CEA5-F039-484D-A234-1E3ADA352E32"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:rockwellautomation:1756-en2t_series_a:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "BBB6A3C1-6419-4CDB-B7F5-57F20DA43C5A"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:rockwellautomation:1756-en2t_series_b_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ADCF431D-0F13-4037-BBDF-4199B5860CCA"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:rockwellautomation:1756-en2t_series_b:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "5E9D2541-B0DB-4925-ACD6-FCC2A028FA4A"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:rockwellautomation:1756-en2t_series_c_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E9B8DEC1-3980-49E0-82B1-275FD7870EC9"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:rockwellautomation:1756-en2t_series_c:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "13581B79-89FF-42F0-93C1-CB77582E7303"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:rockwellautomation:1756-en2t_series_d_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8BC034DA-D8ED-43CA-9D7B-2592B58BC0F4",
            "versionEndIncluding": "10.10"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:rockwellautomation:1756-en2t_series_d:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "F71090C1-36AD-4A1B-92B5-CB391593DF4B"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:rockwellautomation:1756-en2tr_series_a_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "94271569-D658-4F95-B9A6-2C1DB2647EB2"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:rockwellautomation:1756-en2tr_series_a:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "A4A8E21A-3826-497C-9F3D-6D9091AD7647"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:rockwellautomation:1756-en2tr_series_b_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BAEF2D94-6224-4877-9169-E5B0DB3FAA25"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:rockwellautomation:1756-en2tr_series_b:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "8607CD0D-0EE7-41CF-8E00-C0F5C83646A8"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:rockwellautomation:1756-en2tr_series_c_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "99562089-73F5-4AF9-BEE6-E7B977678AAD",
            "versionEndIncluding": "10.10"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:rockwellautomation:1756-en2tr_series_c:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "D58BA41B-3859-4489-9C74-730C27B1EFF0"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:rockwellautomation:1756-en3tr_series_a_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EE90B141-E680-4D15-8BCE-8D58909A3679"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:rockwellautomation:1756-en3tr_series_a:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "4824C266-82B1-4B74-AF72-BFCEF0547023"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:rockwellautomation:1756-en3tr_series_b_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3493D13F-CC5F-470D-ADFE-79C2C90665D6",
            "versionEndIncluding": "10.10"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:rockwellautomation:1756-en3tr_series_b:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "14CF3A11-7130-420A-B99E-8FADA7C23484"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]
Overview

Risk scores

CVSS 3.1

CVSS 2.0

Weaknesses

Social media

Configurations

References
