The vulnerability of microprogrammed software in Rockwell Automation’s CompactLogix, ControlLogix, GuardLogix, FlexLogix, DriveLogix, and SoftLogix controllers lies in the ability to introduce functionality from an untrusted control environment, allowing a perpetrator to execute arbitrary code.

The vulnerability of microprogrammed software in Rockwell Automation’s CompactLogix, ControlLogix, GuardLogix, FlexLogix, DriveLogix, and SoftLogix series of programmable logic controllers lies in the ability to introduce functionality from an untrusted control environment. Exploiting this...

CVE-2020-6990

Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior, The cryptographic key utilized to help protect the account password is hard coded into the RSLogix 500 binary file...

CVE-2020-6984

Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior, The cryptographic function utilized to protect the password in MicroLogix is discoverable...

CVE-2019-10955

In Rockwell Automation MicroLogix 1400 Controllers Series A, All Versions Series B, v15.002 and earlier, MicroLogix 1100 Controllers v14.00 and earlier, CompactLogix 5370 L1 controllers v30.014 and earlier, CompactLogix 5370 L2 controllers v30.014 and earlier, CompactLogix 5370 L3 controllers...