Rewterz Threat Advisory – CVE-2021-32926 – ICS: Rockwell Automation Micro800 and MicroLogix 1400

Severity

Medium

Analysis Summary

CVE-2021-32926

The Micro800 and MicroLogix 1400 vulnerability allows an attacker to intercept messages that include a legitimate, new password hash and replace the hash with an illegitimate one. This happens when an authenticated password change request takes place. A denial-of-service condition occurs as the user is no longer able to authenticate to the controller.

Impact

Denial of Service

Affected Vendors

Rockwell Automation

Affected Products

• Micro800: All versions
• MicroLogix 1400: Version 21 and later

Remediation

Refer to vendor advisory for the complete list of affected products and their respective patches at https://us-cert.cisa.gov/ics/advisories/icsa-21-145-02