EUVD-2019-2669

🗓️ 07 Oct 2025 00:30:54Reported by EUVDType

Open redirect vulnerability in Rockwell Automation controllers allows malware downloads by attackers.

Reporter	Title	Published	Views	Family All 13
Tenable Nessus	Rockwell Automation MicroLogix and CompactLogix Multiple Controllers Open Redirect	8 May 201900:00	–	nessus
Tenable Nessus	Rockwellautomation Micrologix URL Redirection to Untrusted Site ('Open Redirect')	8 Nov 201900:00	–	nessus
Tenable Nessus	Rockwell Automation MicroLogix 1100/1400 and CompactLogix 5370 Controllers Open Redirection Vulnerability	21 May 201900:00	–	nessus
Tenable Nessus	Rockwell Automation MicroLogix 1400 and CompactLogix 5370 Controllers URL Redirection to Untrusted Site (CVE-2019-10955)	7 Feb 202200:00	–	nessus
BDU FSTEC	The vulnerability of the microprogramming software used in MicroLogix 1400 A, MicroLogix 1400 B, MicroLogix 1100, CompactLogix 5370 L1, CompactLogix 5370 L2, and CompactLogix 5370 L3 allows a hacker to redirect the target user to a malicious website using a specially created link.	26 Dec 201900:00	–	bdu_fstec
CNVD	Multiple Rockwell Automation Products Input Validation Error Vulnerability	25 Apr 201900:00	–	cnvd
Check Point Advisories	Rockwell Automation Multiple Controllers Open Redirect (CVE-2019-10955)	28 Apr 201900:00	–	checkpoint_advisories
CVE	CVE-2019-10955	25 Apr 201917:27	–	cve
Cvelist	CVE-2019-10955	25 Apr 201917:27	–	cvelist
ICS	Rockwell Automation MicroLogix 1400 and CompactLogix 5370 Controllers	23 Apr 201900:00	–	ics

[
  {
    "enisaIdVendor": [
      {
        "id": "962c81c3-ea32-3873-9ed2-52ef1f21218d",
        "vendor": {
          "name": "Rockwell Automation"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "14df0b9e-5530-39a9-95c7-e9e9f234a518",
        "product": {
          "name": "MicroLogix 1400 Controllers"
        },
        "product_version": "All Versions Series B"
      },
      {
        "id": "4aef75a2-fc09-3ae2-929b-2c97e88cd23f",
        "product": {
          "name": "MicroLogix 1400 Controllers"
        },
        "product_version": "Series A"
      },
      {
        "id": "4f4eeec3-2406-3cd2-895c-76f6668fb213",
        "product": {
          "name": "CompactLogix 5370 L1 controllers"
        },
        "product_version": "v30.014 and earlier"
      },
      {
        "id": "5c0ca627-c95f-3c1c-b176-9ba4f65ef8c7",
        "product": {
          "name": "CompactLogix 5370 L2 controllers"
        },
        "product_version": "v30.014 and earlier"
      },
      {
        "id": "b7ecd37b-b845-3c9c-8252-8dcc79c19d9f",
        "product": {
          "name": "CompactLogix 5370 L3 controllers"
        },
        "product_version": "v30.014 and earlier"
      },
      {
        "id": "b8d6a86c-dfa3-3b12-a598-8993f52311d4",
        "product": {
          "name": "MicroLogix 1100 Controllers"
        },
        "product_version": "v14.00 and earlier"
      },
      {
        "id": "c770518d-0e0c-3bea-90d1-bf3449f6afb6",
        "product": {
          "name": "MicroLogix 1400 Controllers"
        },
        "product_version": "v15.002 and earlier"
      }
    ]
  }
]

Source	Link
ics-cert	www.ics-cert.us-cert.gov/advisories/ICSA-19-113-01
securityfocus	www.securityfocus.com/bid/108049
github	www.github.com/advisories/GHSA-293c-r3p4-g63r

07 Oct 2025 00:30Current

6.1Medium risk

Vulners AI Score6.1

CVSS 36.1

CVSS 25.8

EPSS0.0293