The Micro800 and MicroLogix 1400 vulnerability allows an attacker to intercept messages that include a legitimate, new password hash and replace the hash with an illegitimate one. This happens when an authenticated password change request takes place. A denial-of-service condition occurs as the user is no longer able to authenticate to the controller.
Denial of Service
Refer to vendor advisory for the complete list of affected products and their respective patches at https://us-cert.cisa.gov/ics/advisories/icsa-21-145-02