{"vulnerability": "cve-2018-1792", "sightings": [{"uuid": "39095242-ba86-4bcd-9f9a-30415b5a7d78", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-17924", "type": "seen", "source": "https://t.me/SecLabNews/3812", "content": "\u0420\u044f\u0434 \u043c\u043e\u0434\u0435\u043b\u0435\u0439 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u043e\u0432 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0441\u0442\u0432\u0430 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 Rockwell Automation \u043f\u043e\u0434\u0432\u0435\u0440\u0436\u0435\u043d\u044b \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0434\u043b\u044f DoS-\u0430\u0442\u0430\u043a. \u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 (CVE-2018-17924) \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 MicroLogix 1400 \u0441\u0435\u0440\u0438\u0439 A, B \u0438 C, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u043a\u043e\u043c\u043c\u0443\u043d\u0438\u043a\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u043c\u043e\u0434\u0443\u043b\u0435\u0439 1756 ControlLogix Ethernet/IP, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0441\u0435\u0440\u0438\u0438 A, B \u0438 C.    \n\u0412 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u0430\u0445 Rockwell Automation \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0430 \u043e\u043f\u0430\u0441\u043d\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c", "creation_timestamp": "2018-12-10T11:56:26.000000Z"}, {"uuid": "cdfce982-bd7b-491c-a605-a6ce059b7de9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-17924", "type": "seen", "source": "https://t.me/arpsyndicate/765", "content": "#ExploitObserverAlert\n\nCVE-2018-17924\n\nDESCRIPTION: Exploit Observer has 3 entries related to CVE-2018-17924. Rockwell Automation MicroLogix 1400 Controllers and 1756 ControlLogix Communications Modules An unauthenticated, remote threat actor could send a CIP connection request to an affected device, and upon successful connection, send a new IP configuration to the affected device even if the controller in the system is set to Hard RUN mode. When the affected device accepts this new IP configuration, a loss of communication occurs between the device and the rest of the system as the system traffic is still attempting to communicate with the device via the overwritten IP address.\n\nFIRST-EPSS: 0.000560000\nNVD-IS: 4.0\nNVD-ES: 3.9", "creation_timestamp": "2023-11-29T16:06:14.000000Z"}]}