CVEs-PoC/2017/CVE-2017-12093.md

### [CVE-2017-12093](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12093)
![](https://img.shields.io/static/v1?label=Product&message=Allen%20Bradley&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=Allen%20Bradley%20Micrologix%201400%20Series%20B%20FRN%2021.2%2C%20Allen%20Bradley%20Micrologix%201400%20Series%20B%20FRN%2021.0%2C%20Allen%20Bradley%20Micrologix%201400%20Series%20B%20FRN%2015%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=denial%20of%20service&color=brightgreen)

### Description

An exploitable insufficient resource pool vulnerability exists in the session communication functionality of Allen Bradley Micrologix 1400 Series B Firmware 21.2 and before. A specially crafted stream of packets can cause a flood of the session resource pool resulting in legitimate connections to the PLC being disconnected. An attacker can send unauthenticated packets to trigger this vulnerability.

### POC

#### Reference
- https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0445

#### Github
No PoCs found on GitHub currently.