CVE-2015-6490 in MicroLogixinfo

Summary

by MITRE

Stack-based buffer overflow on Allen-Bradley MicroLogix 1100 devices before B FRN 15.000 and 1400 devices through B FRN 15.003 allows remote attackers to execute arbitrary code via unspecified vectors.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Analysis

by VulDB Data Team • 06/03/2026

The CVE-2015-6490 vulnerability represents a critical stack-based buffer overflow flaw affecting Allen-Bradley MicroLogix 1100 and 1400 series programmable logic controllers. This vulnerability exists within the firmware versions of these industrial control devices, specifically impacting systems running before B FRN 15.000 for 1100 models and through B FRN 15.003 for 1400 models. The flaw resides in the device's handling of unspecified network vectors, creating a pathway for remote code execution that could fundamentally compromise industrial control systems. Such vulnerabilities are particularly dangerous in industrial environments where operational technology (OT) systems control critical infrastructure operations.

The technical nature of this buffer overflow stems from improper input validation within the device's communication protocols, allowing attackers to craft malicious payloads that exceed the allocated stack memory space. When the device processes these malformed inputs, the excess data overflows into adjacent memory locations, potentially overwriting critical program execution elements such as return addresses or function pointers. This memory corruption enables attackers to redirect program execution flow and inject arbitrary code into the system. The vulnerability aligns with CWE-121 Stack-based Buffer Overflow, which specifically addresses buffer overflows occurring in stack memory regions where insufficient bounds checking allows data to overwrite adjacent memory locations.

The operational impact of CVE-2015-6490 extends far beyond typical network security concerns, as it directly threatens the integrity and availability of industrial control systems. Remote code execution capabilities mean that attackers could potentially gain complete administrative control over affected PLCs, enabling them to modify control logic, disrupt production processes, or even cause physical damage to equipment. This vulnerability particularly affects manufacturing environments, power generation facilities, and other critical infrastructure sectors where these Allen-Bradley devices operate. The remote exploitability aspect means that attackers do not require physical access to the devices, making the attack surface significantly broader than traditional industrial security threats.

Mitigation strategies for CVE-2015-6490 should encompass both immediate remediation and long-term security enhancements. The primary recommendation involves upgrading affected devices to firmware versions that address the buffer overflow vulnerability, specifically targeting the B FRN 15.000 and B FRN 15.003 releases or later. Network segmentation and access controls should be implemented to limit exposure of these devices to untrusted networks, utilizing firewalls and network access control lists to restrict communication to authorized endpoints only. Additionally, implementing intrusion detection systems specifically designed for industrial environments can help identify anomalous network traffic patterns associated with exploitation attempts. The vulnerability demonstrates the importance of maintaining current firmware versions and following vendor security advisories, as outlined in the industrial cybersecurity framework that emphasizes continuous monitoring and patch management for OT environments. Organizations should also consider conducting comprehensive risk assessments to identify all affected devices within their operational technology infrastructure and implement layered security controls that align with the defense-in-depth principles recommended by frameworks such as NIST SP 800-84 and IEC 62443 standards.

Reservation

08/17/2015

Disclosure

10/28/2015

Moderation

accepted

Entry

VDB-78923

CPE

ready

EPSS

0.06965

KEV

no

Activities

very low

Sources

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!