Sign-up

ID

VAR-201001-0014


CVE

CVE-2009-3739


TITLE

Rockwell Automation AB Micrologix Controller Password Leak and Bypass Security Restriction Vulnerability

Trust: 1.2

sources: CNVD: CNVD-2010-5367 // CNNVD: CNNVD-201001-208

DESCRIPTION

Multiple unspecified vulnerabilities on the Rockwell Automation AB Micrologix 1100 and 1400 controllers allow remote attackers to obtain privileged access or cause a denial of service (halt) via unknown vectors. Rockwell Automation Allen-Bradley MicroLogix programmable logic controllers (PLCs) do not adequately authenticate or authorize remote connections or commands. An attacker with network access can obtain the management password or issue commands that bypass the authentication mechanism. Rockwell Automation Allen-Bradley MicroLogix PLC Has multiple vulnerabilities. PLC By a third party who has access to the network where PLC There is a possibility that the management password of the system is obtained, or arbitrary commands are executed without authentication.PLC By a third party who has access to the network where PLC Settings have been changed or service operation has been interrupted (DoS) There is a possibility of being attacked. MicroLogix is a family of small programmable controllers that are widely used in industrial automation. The communication protocol of the MicroLogix controller has a controller password leak and a bypass security vulnerability. Attackers may exploit these issues to gain unauthorized access to the programmable logic controller (PLC). Successful exploits will allow attackers to compromise affected devices. Other attacks are also possible

Trust: 3.6

sources: NVD: CVE-2009-3739 // CERT/CC: VU#144233 // JVNDB: JVNDB-2010-001059 // CNVD: CNVD-2010-5367 // BID: 37827 // IVD: 7d7a45c2-463f-11e9-9933-000c29342cb1 // IVD: 6f6a849a-2356-11e6-abef-000c29c66e3d // VULHUB: VHN-41185

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 1.0

sources: IVD: 7d7a45c2-463f-11e9-9933-000c29342cb1 // IVD: 6f6a849a-2356-11e6-abef-000c29c66e3d // CNVD: CNVD-2010-5367

AFFECTED PRODUCTS

vendor:rockwellautomationmodel:ab micrologix controller 1400scope:eqversion:*

Trust: 1.0

vendor:rockwellautomationmodel:ab micrologix controller 1100scope:eqversion:*

Trust: 1.0

vendor:rockwell automationmodel: - scope: - version: -

Trust: 0.8

vendor:rockwell automationmodel:allen-bradley micrologixscope:eqversion:1100

Trust: 0.8

vendor:rockwell automationmodel:allen-bradley micrologixscope:eqversion:1400

Trust: 0.8

vendor:abmodel:micrologix controller rockwellautomationscope:eqversion:1100

Trust: 0.6

vendor:abmodel:micrologix controller rockwellautomationscope:eqversion:1400

Trust: 0.6

vendor:rockwellautomationmodel:ab micrologix controller 1100scope: - version: -

Trust: 0.6

vendor:rockwellautomationmodel:ab micrologix controller 1400scope: - version: -

Trust: 0.6

vendor:ab micrologix controller 1100model: - scope:eqversion:*

Trust: 0.4

vendor:ab micrologix controller 1400model: - scope:eqversion:*

Trust: 0.4

vendor:rockwellmodel:automation micrologixscope:eqversion:14000

Trust: 0.3

vendor:rockwellmodel:automation micrologixscope:eqversion:11000

Trust: 0.3

sources: IVD: 7d7a45c2-463f-11e9-9933-000c29342cb1 // IVD: 6f6a849a-2356-11e6-abef-000c29c66e3d // CERT/CC: VU#144233 // CNVD: CNVD-2010-5367 // BID: 37827 // JVNDB: JVNDB-2010-001059 // CNNVD: CNNVD-201001-208 // NVD: CVE-2009-3739

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2009-3739
value: HIGH

Trust: 1.0

CARNEGIE MELLON: VU#144233
value: 8.91

Trust: 0.8

NVD: CVE-2009-3739
value: HIGH

Trust: 0.8

CNVD: CNVD-2010-5367
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201001-208
value: CRITICAL

Trust: 0.6

IVD: 7d7a45c2-463f-11e9-9933-000c29342cb1
value: CRITICAL

Trust: 0.2

IVD: 6f6a849a-2356-11e6-abef-000c29c66e3d
value: CRITICAL

Trust: 0.2

VULHUB: VHN-41185
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2009-3739
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2010-5367
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: 7d7a45c2-463f-11e9-9933-000c29342cb1
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

IVD: 6f6a849a-2356-11e6-abef-000c29c66e3d
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

VULHUB: VHN-41185
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: IVD: 7d7a45c2-463f-11e9-9933-000c29342cb1 // IVD: 6f6a849a-2356-11e6-abef-000c29c66e3d // CERT/CC: VU#144233 // CNVD: CNVD-2010-5367 // VULHUB: VHN-41185 // JVNDB: JVNDB-2010-001059 // CNNVD: CNNVD-201001-208 // NVD: CVE-2009-3739

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

sources: NVD: CVE-2009-3739

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201001-208

TYPE

lack of information

Trust: 0.6

sources: CNNVD: CNNVD-201001-208

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2010-001059

PATCH
title:MicroLogix Programmable Logic Controllersurl:http://www.ab.com/programmablecontrol/plc/micrologix/index.html
Trust: 0.8
title:Password Security Vulnerability in MicroLogix? Controllersurl:http://rockwellautomation.custhelp.com/app/answers/detail/a_id/65980/kw/65980/r_id/113025
Trust: 0.8
title:Client Software Authentication Security Vulnerability in MicroLogix? Controllersurl:http://rockwellautomation.custhelp.com/app/answers/detail/a_id/65982/kw/65982/r_id/113025
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2010-001059

EXTERNAL IDS
db:NVDid:CVE-2009-3739
Trust: 3.8
db:CERT/CCid:VU#144233
Trust: 1.9
db:CNNVDid:CNNVD-201001-208
Trust: 1.1
db:CNVDid:CNVD-2010-5367
Trust: 1.0
db:JVNDBid:JVNDB-2010-001059
Trust: 0.8
db:BUGTRAQid:20100115 C4 SCADA SECURITY ADVISORY - ROCKWELL AUTOMATION (ALLEN BRADLEY) MULTIPLE VULNERABILITIES IN MICROLOGIX 1100 & 1400 SERIES CONTROLLERS
Trust: 0.6
db:NSFOCUSid:14370
Trust: 0.6
db:BIDid:37827
Trust: 0.4
db:IVDid:7D7A45C2-463F-11E9-9933-000C29342CB1
Trust: 0.2
db:IVDid:6F6A849A-2356-11E6-ABEF-000C29C66E3D
Trust: 0.2
db:VULHUBid:VHN-41185
Trust: 0.1
sources:
            
            
            IVD: 7d7a45c2-463f-11e9-9933-000c29342cb1 // 
            
            
            
            IVD: 6f6a849a-2356-11e6-abef-000c29c66e3d // 
            
            
            
            CERT/CC: VU#144233 // 
            
            
            
            CNVD: CNVD-2010-5367 // 
            
            
            
            VULHUB: VHN-41185 // 
            
            
            
            BID: 37827 // 
            
            
            
            JVNDB: JVNDB-2010-001059 // 
            
            
            
            CNNVD: CNNVD-201001-208 // 
            
            
            
            NVD: CVE-2009-3739

REFERENCES
url:http://www.securityfocus.com/archive/1/archive/1/508946/100/0/threaded
Trust: 1.4
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3739
Trust: 1.4
url:http://www.securityfocus.com/archive/1/508946/100/0/threaded
Trust: 1.1
url:http://www.kb.cert.org/vuls/id/144233
Trust: 1.1
url:http://www.ab.com/programmablecontrol/plc/micrologix/index.html
Trust: 0.8
url:http://www.rockwellautomation.com/rockwellsoftware/design/rslogix5/
Trust: 0.8
url:http://rockwellautomation.custhelp.com/app/answers/detail/a_id/65980/kw/65980/r_id/113025
Trust: 0.8
url:http://rockwellautomation.custhelp.com/app/answers/detail/a_id/65982/kw/65982/r_id/113025 
Trust: 0.8
url:http://www.rockwellautomation.com/solutions/security
Trust: 0.8
url:http://rockwellautomation.custhelp.com/app/answers/detail/a_id/65982/kw/65982/r_id/113025
Trust: 0.8
url:http://www.scada-security.com/vulnerabilities/rockwellautomation1.html
Trust: 0.8
url:http://jvn.jp/cert/jvnvu144233/
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-3739
Trust: 0.8
url:http://www.nsfocus.net/vulndb/14370
Trust: 0.6
url:http://www.ab.com/programmablecontrol/plc/micrologix1100/
Trust: 0.3
url:/archive/1/508946
Trust: 0.3
sources:
            
            
            CERT/CC: VU#144233 // 
            
            
            
            CNVD: CNVD-2010-5367 // 
            
            
            
            VULHUB: VHN-41185 // 
            
            
            
            BID: 37827 // 
            
            
            
            JVNDB: JVNDB-2010-001059 // 
            
            
            
            CNNVD: CNNVD-201001-208 // 
            
            
            
            NVD: CVE-2009-3739

CREDITS
Eyal Udassin  eyal@bazman.co.il
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-201001-208

SOURCES
db:IVDid:7d7a45c2-463f-11e9-9933-000c29342cb1
db:IVDid:6f6a849a-2356-11e6-abef-000c29c66e3d
db:CERT/CCid:VU#144233
db:CNVDid:CNVD-2010-5367
db:VULHUBid:VHN-41185
db:BIDid:37827
db:JVNDBid:JVNDB-2010-001059
db:CNNVDid:CNNVD-201001-208
db:NVDid:CVE-2009-3739

LAST UPDATE DATE
2025-04-11T22:59:43.655000+00:00

SOURCES UPDATE DATE
db:CERT/CCid:VU#144233date:2010-06-03T00:00:00
db:CNVDid:CNVD-2010-5367date:2010-01-19T00:00:00
db:VULHUBid:VHN-41185date:2018-10-10T00:00:00
db:BIDid:37827date:2010-01-20T15:11:00
db:JVNDBid:JVNDB-2010-001059date:2010-02-19T00:00:00
db:CNNVDid:CNNVD-201001-208date:2010-01-20T00:00:00
db:NVDid:CVE-2009-3739date:2025-04-11T00:51:21.963

SOURCES RELEASE DATE
db:IVDid:7d7a45c2-463f-11e9-9933-000c29342cb1date:2010-01-19T00:00:00
db:IVDid:6f6a849a-2356-11e6-abef-000c29c66e3ddate:2010-01-19T00:00:00
db:CERT/CCid:VU#144233date:2010-01-20T00:00:00
db:CNVDid:CNVD-2010-5367date:2010-01-19T00:00:00
db:VULHUBid:VHN-41185date:2010-01-19T00:00:00
db:BIDid:37827date:2010-01-15T00:00:00
db:JVNDBid:JVNDB-2010-001059date:2010-02-19T00:00:00
db:CNNVDid:CNNVD-201001-208date:2010-01-19T00:00:00
db:NVDid:CVE-2009-3739date:2010-01-19T16:30:00.757