CVE-2021-33012 Information

Description

Rockwell Automation MicroLogix 1100 all versions allows a remote unauthenticated attacker sending specially crafted commands to cause the PLC to fault when the controller is switched to RUN mode which results in a denial-of-service condition. If successfully exploited this vulnerability will cause the controller to fault whenever the controller is switched to RUN mode.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Reference

https://us-cert.cisa.gov/ics/advisories/icsa-21-189-01

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

NONE

Confidentiality Impact

CHANGED

Integrity Impact

NONE

Availability Impact

NONE

Base Score

HIGH

Base Severity

8.6