CVE-2014-5410

Rockwellautomation AB Micrologix Cont... - Improper Input Validation

Title source: rule

Description

The DNP3 feature on Rockwell Automation Allen-Bradley MicroLogix 1400 1766-Lxxxxx A FRN controllers 7 and earlier and 1400 1766-Lxxxxx B FRN controllers before 15.001 allows remote attackers to cause a denial of service (process disruption) via malformed packets over (1) an Ethernet network or (2) a serial line.

References (4)

Core 4

Core References

Various Sources

https://rockwellautomation.custhelp.com/app/answers/detail/a_id/620295

Third Party Advisory, US Government Resource

https://ics-cert.us-cert.gov/advisories/ICSA-14-254-02

Various Sources

https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2014/icsa-14-254-02.json

View Writeup ZIP pw:eip

Third Party Advisory, US Government Resource

https://www.cisa.gov/news-events/ics-advisories/icsa-14-254-02

Scores

EPSS 0.0005

EPSS Percentile 14.2%

Details

CWE

CWE-399 CWE-20

Status published

Products (4)

Rockwell Automation/Allen-Bradley MicroLogix 1400 < 1766-Lxxxxx Series A FRN 7

Rockwell Automation/Allen-Bradley MicroLogix 1400 < 1766-Lxxxxx Series B FRN 15.000

Rockwell Automation/Allen-Bradley MicroLogix 1400 Series B FRN 15.001 or higher

rockwellautomation/ab_micrologix_controller 1400

Published Oct 03, 2014

Tracked Since Feb 18, 2026