31 matches found
EUVD-2020-28124
Malware in sbrugna...
EUVD-2020-28130
Malware in sbrugna...
EUVD-2020-28128
Malware in sbrugna...
CVE-2020-6984
Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior, The cryptographic function utilized to protect the password in MicroLogix is discoverable...
CVE-2020-6988
Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior, A remote, unauthenticated attacker can send a request from the RSLogix 500 software to the victim’s MicroLogix...
Rockwell Automation多款产品 安全漏洞
Rockwell Automation RSLogix 500 and others are products of Rockwell Automation, a U.S. company.Rockwell Automation RSLogix 500 is a suite of programming software for industrial control systems.Rockwell Automation Rockwell Automation RSLogix Micro Developer and Starter is an industrial control...
Rockwell Automation RSLogix 5 and RSLogix 500
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.8 ATTENTION : Exploitable locally/high attack complexity Vendor : Rockwell Automation Equipment : RSLogix 5 and RSLogix 500 Vulnerability : Insufficient verification of data authenticity 2. RISK EVALUATION Successful exploitation of this vulnerability...
Rockwell Automation MicroLogix Controllers and RSLogix 500 Software Cleartext Storage of Sensitive Information (CVE-2020-6980)
Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior, If Simple Mail Transfer Protocol SMTP account data is saved in RSLogix 500, a local attacker with access to a...
Rockwell Automation MicroLogix Controllers and RSLogix 500 Software Use of Client-Side Authentication (CVE-2020-6988)
Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior, A remote, unauthenticated attacker can send a request from the RSLogix 500 software to the victim's MicroLogix...
Rockwell Automation MicroLogix Controllers and RSLogix 500 Software Use of Hard-Coded Cryptographic Key (CVE-2020-6990)
Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior, The cryptographic key utilized to help protect the account password is hard coded into the RSLogix 500 binary file...
Rockwellautomation Micrologix Improper Authentication
Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior, A remote, unauthenticated attacker can send a request from the RSLogix 500 software to the victim’s MicroLogix...
CVE-2020-6984
Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior, The cryptographic function utilized to protect the password in MicroLogix is discoverable...
CVE-2020-6990
Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior, The cryptographic key utilized to help protect the account password is hard coded into the RSLogix 500 binary file...
CVE-2020-6984
Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior, The cryptographic function utilized to protect the password in MicroLogix is discoverable...
CVE-2020-6980
Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior, If Simple Mail Transfer Protocol SMTP account data is saved in RSLogix 500, a local attacker with access to a...
Authentication flaw
Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior, A remote, unauthenticated attacker can send a request from the RSLogix 500 software to the victim’s MicroLogix...
Hardcoded credentials
Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior, The cryptographic key utilized to help protect the account password is hard coded into the RSLogix 500 binary file...
Authentication flaw
Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior, If Simple Mail Transfer Protocol SMTP account data is saved in RSLogix 500, a local attacker with access to a...
CVE-2020-6984
CVE-2020-6984 affects Rockwell Automation products including MicroLogix 1400 Series A/B, MicroLogix 1100, and RSLogix 500 software. The vulnerability is that the cryptographic function used to protect the MicroLogix password is discoverable, exposing credential protection weaknesses. Public discl...
CVE-2020-6990
CVE-2020-6990 affects Rockwell Automation MicroLogix 1400 Controllers (Series B v21.001 and prior; Series A), MicroLogix 1100 Controllers (all versions), and RSLogix 500 Software (v12.001 and prior). The root cause is a hard-coded cryptographic key in the RSLogix 500 binary, enabling an attacker ...