CVE-2018-17924EPSS p89.9%

CVE-2018-17924CVE-2018-17924

rockwellautomation / micrologix_1400_firmware

Description

Rockwell Automation MicroLogix 1400 Controllers and 1756 ControlLogix Communications Modules An unauthenticated, remote threat actor could send a CIP connection request to an affected device, and upon successful connection, send a new IP configuration to the affected device even if the controller in the system is set to Hard RUN mode. When the affected device accepts this new IP configuration, a loss of communication occurs between the device and the rest of the system as the system traffic is still attempting to communicate with the device via the overwritten IP address.

Scoring

CVSS 8.6 ()
VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
EPSS4.30% probability of exploitation · percentile 89.9% · 2026-06-19T12:03:05Z
Last modified2026-06-03

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2012-6435
CVE
CVE-2012-6442
CVE
CVE-2012-6436
CVE
CVE-2012-6438
CVE
CVE-2019-10955
CVE
CVE-2012-6440
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.