ICSA-17-115-04  ·  Published 2017-05-23  ·  Source: CISA ICS-CERT

Rockwell Automation Allen-Bradley MicroLogix 1100 and 1400

CVSS 9.8 CRITICAL

Risk Summary

ATTENTION: Remotely exploitable; low skill level to exploit.

Remediations

  • Rockwell Automation has released a new firmware version, FRN 21.00, for the Allen-Bradley MicroLogix 1400 Series B controllers to address the identified vulnerabilities, and encourages users to apply the latest firmware versions that address them.
  • There are no firmware versions that address these vulnerabilities in the Allen-Bradley MicroLogix 1100 or MicroLogix 1400 Series A controllers, but Rockwell Automation has offered compensating controls. Rockwell Automation reports that users can disable the web server on the Allen-Bradley MicroLogix 1100 and 1400 Series A controllers to protect against exploitation of the improper restriction of excessive authentication attempts and weak password requirements vulnerabilities.
  • Rockwell Automation recommends disabling the web server on the MicroLogix 1100 and 1400 controllers if it is not needed, since it is enabled by default, to further mitigate these threats. Rockwell Automation Knowledge Base article 732398 ("How to Disable the Web Server in MicroLogix 1100 and 1400") gives detailed instructions.
  • Set the controller mode to RUN via the LCD soft keyswitch; while the keyswitch is in this mode, the web server cannot be re-enabled.

Affected Vendors

Rockwell Automation

Affected Products (10)

Rockwell Automation · 1766-L32BXB Series A and B <= 16.00
Rockwell Automation · 1763-L16AWA Series A and B <= 16.00
Rockwell Automation · 1766-L32AWA Series A and B <= 16.00
Rockwell Automation · 1766-L32AWAA Series A and B <= 16.00
Rockwell Automation · 1766-L32BXBA Series A and B <= 16.00
Rockwell Automation · 1766-L32BWA Series A and B <= 16.00
Rockwell Automation · 1763-L16BWA Series A and B <= 16.00
Rockwell Automation · 1763-L16DWD Series A and B <= 16.00
Rockwell Automation · 1763-L16BBB Series A and B <= 16.00
Rockwell Automation · 1766-L32BWAA Series A and B <= 16.00

Affected Sectors

Food and Agriculture, Water and Wastewater Systems
