CVE-2017-14468
Description
An exploitable access control vulnerability exists in the data, program, and function file permissions functionality of Allen Bradley Micrologix 1400 Series B FRN 21.2 and before. A specially crafted packet can cause a read or write operation resulting in disclosure of sensitive information, modification of settings, or modification of ladder logic. An attacker can send unauthenticated packets to trigger this vulnerability. Required Keyswitch State: REMOTE or PROG Description: This ability is leveraged in a larger exploit to flash custom firmware.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Unauthenticated attackers can read/write arbitrary files on Allen Bradley MicroLogix 1400 PLCs, leading to info disclosure, config/settings/ladder-logic modification.
Vulnerability
An exploitable access control vulnerability exists in the data, program, and function file permissions of Allen Bradley MicroLogix 1400 Series B FRN 21.2 and before (FRN 21.0, FRN 15). The PLC does not enforce proper access control on these files, allowing unauthenticated read/write operations via CIP encapsulated PCCC commands using function codes 0xa1, 0xa2 (read) or 0xa7, 0xa9, 0xaa, 0xab (write). The device must be in REMOTE or PROG keyswitch state for exploitation [1].
Exploitation
An attacker with network access to the PLC can send a specially crafted unauthenticated packet using the affected PCCC function codes. No prior authentication is required. The attacker can target any of the accessible files, such as ladder logic files, configuration files, or user memory files. The required keyswitch position is REMOTE or PROG (for most operations) [1].
Impact
Successful exploitation allows the attacker to read sensitive information (including the master password, ladder logic, or configuration data) and write arbitrary data, enabling modification of ladder logic, PLC settings (IP address, protocol enable/disable), or flashing custom firmware. The CVSS score is 10 (Critical) with impacts on confidentiality, integrity, and availability (C: H, I: H, A: H) and scope changed (S: C) [1].
Mitigation
Rockwell Automation has not yet released a patched firmware version cited in the reference. The advisory (TALOS-2017-0443) was published on 2018-04-05. Users should apply defense-in-depth measures such as network segmentation and restricting access to the PLC subnet. No fix has been disclosed in the available references [1].
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- Range: Series B FRN 21.2 and before
- Talos/Allen Bradleyv5Range: Allen Bradley Micrologix 1400 Series B FRN 21.2, Allen Bradley Micrologix 1400 Series B FRN 21.0, Allen Bradley Micrologix 1400 Series B FRN 15
Patches
0No patches discovered yet.
Vulnerability mechanics
No source-code context for this CVE — mechanics is only generated when we can read the actual fix diff. Without that, the four sections (root cause, attack vector, affected code, fix) would be speculation rather than analysis.
References
1- www.talosintelligence.com/vulnerability_reports/TALOS-2017-0443mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.