Talos Vulnerability Report: TALOS-2017-0445 Vulnerability Summary CVE Number: CVE-2017-12093 affected Product: Allen Bradley Micrologix 1400 Series B PLC Firmware 21.2 and earlier. Issue: Insufficient resource pool vulnerability in the session communication functionality. Impact: A specially crafted stream of packets can cause a flood of the session resource pool, resulting in legitimate connections being disconnected. Tested Versions Allen Bradley Micrologix 1400 Series B FRN 21.2 Allen Bradley Micrologix 1400 Series B FRN 21.0 Allen Bradley Micrologix 1400 Series B FRN 15 Product URLs Allen Bradley Micrologix 1400 CVSSv3 Score Base Score: 5.3 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CWE CWE-410: Insufficient Resource Pool Details The vulnerability allows an attacker to disconnect RSLogix/RSLogix sessions by flooding the system with 'Register Session' packets, preventing users from accessing the PLC. Exploit Proof-of-Concept Usage: python.py -i [ip] -p [port] -n [num_packets] Timeline 2017-09-22: Vendor Disclosure 2018-03-28: Public Release Credit Discovered by Jared Rittle and Patrick DeSantis of Cisco Talos.