cbcvebase.
CVE-2015-6490
published 2015-10-28

CVE-2015-6490: Stack-based buffer overflow on Allen-Bradley MicroLogix 1100 devices before B FRN 15.000 and 1400 devices through B FRN 15.003 allows remote attackers to…

PriorityP260critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
6.97%
93.3th percentile
Stack-based buffer overflow on Allen-Bradley MicroLogix 1100 devices before B FRN 15.000 and 1400 devices through B FRN 15.003 allows remote attackers to execute arbitrary code via unspecified vectors.

Affected

2 ranges
VendorProductVersion rangeFixed in
rockwellautomationmicrologix_1100_firmware<= 14.000
rockwellautomationmicrologix_1400_firmware<= 15.002

Detection & IOCsextracted from sources · hover to see the quote

  • CVE-2015-6490 is a stack-based buffer overflow exploitable remotely with no authentication required (CVSS v3 AV:N/AC:L/PR:N/UI:N). Target devices are Allen-Bradley MicroLogix 1100 (Series B, firmware ≤14.000) and MicroLogix 1400 (Series B, firmware ≤15.003). Monitor for anomalous or oversized network requests to these PLC devices.
  • No known public exploits specifically target CVE-2015-6490 per the advisory; however, the advisory notes a low-skill attacker can exploit it remotely. Prioritize network-level monitoring and access control for affected MicroLogix devices.
  • The vulnerability vector is unspecified but delivered over the network with no privileges required. Inspect and alert on unexpected or malformed traffic directed at MicroLogix 1100/1400 devices on their exposed network interfaces.
  • ·The buffer overflow (CVE-2015-6490) is NOT fixed in MicroLogix 1400 Series B firmware 15.003; it was only addressed in firmware Version 15.004. Ensure patched version is confirmed before clearing a device.
  • ·Affected MicroLogix 1100 Series B fixed firmware version is 15.000; affected MicroLogix 1400 Series B fixed firmware version is 15.004. Devices running firmware at or below the vulnerable thresholds should be treated as unpatched.

CVSS provenance

nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.010.0CRITICALAV:N/AC:L/Au:N/C:C/I:C/A:C
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.