563 matches found
Design/Logic Flaw
Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior, The cryptographic function utilized to protect the password in MicroLogix is discoverable...
Hardcoded credentials
Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior, The cryptographic key utilized to help protect the account password is hard coded into the RSLogix 500 binary file...
Authentication flaw
Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior, A remote, unauthenticated attacker can send a request from the RSLogix 500 software to the victim’s MicroLogix...
CVE-2020-6984
CVE-2020-6984 affects Rockwell Automation products including MicroLogix 1400 Series A/B, MicroLogix 1100, and RSLogix 500 software. The vulnerability is that the cryptographic function used to protect the MicroLogix password is discoverable, exposing credential protection weaknesses. Public discl...
CVE-2020-6984
Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior, The cryptographic function utilized to protect the password in MicroLogix is discoverable...
CVE-2020-6984
Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior, The cryptographic function utilized to protect the password in MicroLogix is discoverable...
CVE-2020-6990
Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior, The cryptographic key utilized to help protect the account password is hard coded into the RSLogix 500 binary file...
CVE-2020-6990
CVE-2020-6990 affects Rockwell Automation MicroLogix 1400 Controllers (Series B v21.001 and prior; Series A), MicroLogix 1100 Controllers (all versions), and RSLogix 500 Software (v12.001 and prior). The root cause is a hard-coded cryptographic key in the RSLogix 500 binary, enabling an attacker ...
CVE-2020-6990
Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior, The cryptographic key utilized to help protect the account password is hard coded into the RSLogix 500 binary file...
CVE-2020-6988
Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior, A remote, unauthenticated attacker can send a request from the RSLogix 500 software to the victim’s MicroLogix...
CVE-2020-6988
CVE-2020-6988 affects Rockwell Automation MicroLogix 1400 (Series B v21.001 and earlier; Series A) and MicroLogix 1100, plus RSLogix 500 Software v12.001 and earlier. A remote, unauthenticated attacker can trigger a client‑side authentication flaw by sending a request from RSLogix 500 to the Micr...
CVE-2020-6980
CVE-2020-6980 affects Rockwell Automation products: MicroLogix 1400 Series B (v21.001 and earlier) and Series A, MicroLogix 1100 (all versions), and RSLogix 500 Software (v12.001 and earlier). Root cause: SMTP account data saved in RSLogix 500 project files in cleartext. Consequence: local attack...
CVE-2020-6980
Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior, If Simple Mail Transfer Protocol SMTP account data is saved in RSLogix 500, a local attacker with access to a...
The vulnerability of the cryptographic function used to protect passwords, the RSLogix 500 software, and the programmable logic controllers MicroLogix 1100 and MicroLogix 1400, allows unauthorized access to confidential information.
The vulnerability of the cryptographic function used to protect passwords, the RSLogix 500 software, and the MicroLogix 1100 and MicroLogix 1400 programmable logic controllers is related to the use of cryptographic algorithms that contain vulnerabilities. Exploiting this vulnerability could allow...
The vulnerability of the RSLogix 500 software, the programmable logic controllers MicroLogix 1100 and MicroLogix 1400, allows a intruder to disclose confidential information.
The vulnerability of the RSLogix 500 software, the programmable logic controllers MicroLogix 1100 and MicroLogix 1400, is related to the use of user-side authentication. Exploiting this vulnerability can allow a remote attacker to disclose confidential information...
The vulnerability of the RSLogix 500 software, the programmable logic controllers MicroLogix 1100 and MicroLogix 1400, arises from the use of a rigidly encrypted cryptographic key, which allows an intruder to gain enhanced privileges.
The vulnerability of the RSLogix 500 software, the programmable logic controllers MicroLogix 1100, and MicroLogix lies in the use of a rigidly encrypted cryptographic key. Exploiting this vulnerability can allow an attacker operating remotely to enhance their privileges...
Multiple Rockwell Automation Products Licensing Issues Vulnerabilities
Rockwell Automation MicroLogix 1400 Controllers Series A and so on are the products of Rockwell Automation, Inc.Rockwell Automation MicroLogix 1400 Controllers Series A is a programmable logic controller.MicroLogix 1100 Controllers is a programmable logic controller.RSLogix 500 Software is a set ...
Multiple Rockwell Automation Products Encryption Issues Vulnerabilities
Rockwell Automation MicroLogix 1400 Controllers Series A and so on are the products of Rockwell Automation, Inc.Rockwell Automation MicroLogix 1400 Controllers Series A is a programmable logic controller.MicroLogix 1100 Controllers is a programmable logic controller.RSLogix 500 Software is a set ...
Information Disclosure Vulnerability in Multiple Rockwell Automation Products
Rockwell Automation MicroLogix 1400 Controllers Series A and so on are the products of Rockwell Automation, Inc.Rockwell Automation MicroLogix 1400 Controllers Series A is a programmable logic controller.MicroLogix 1100 Controllers is a programmable logic controller.RSLogix 500 Software is a set ...
Critical Bugs in Rockwell, Johnson Controls ICS Gear
Security vulnerabilities that require very little skill to exploit have been discovered in industrial control systems ICS gear from Rockwell Automation and Johnson Controls, which anchor a flurry of bug disclosures impacting critical infrastructure. First, a set of critical vulnerabilities in...