Vulnerabilites related to rockwellautomation - rslogix_500
Vulnerability from fkie_nvd
Published
2020-03-16 16:15
Modified
2024-11-21 05:36
Severity ?
Summary
Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior, If Simple Mail Transfer Protocol (SMTP) account data is saved in RSLogix 500, a local attacker with access to a victim’s project may be able to gather SMTP server authentication data as it is written to the project file in cleartext.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| ics-cert@hq.dhs.gov | https://www.us-cert.gov/ics/advisories/icsa-20-070-06 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.us-cert.gov/ics/advisories/icsa-20-070-06 | Third Party Advisory, US Government Resource |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:rockwellautomation:micrologix_1400_a_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "614FFE85-E795-4590-B83D-87D759BA2AE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rockwellautomation:micrologix_1400_b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "344EE9F6-1E89-4BCA-BDED-800F274D7845",
"versionEndIncluding": "21.001",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:rockwellautomation:micrologix_1400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "196EA0BE-FDF3-46BE-B3DA-5F49208C5D80",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:rockwellautomation:micrologix_1100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D5252A0C-A923-4BA0-A857-9BF21F8BF79B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:rockwellautomation:micrologix_1100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA42C7F4-EEC1-44D2-BD46-237969FF6E1A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rockwellautomation:rslogix_500:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F8A9694E-1C9E-4DF4-B91F-753A5FB4CDD6",
"versionEndIncluding": "12.001",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior, If Simple Mail Transfer Protocol (SMTP) account data is saved in RSLogix 500, a local attacker with access to a victim\u2019s project may be able to gather SMTP server authentication data as it is written to the project file in cleartext."
},
{
"lang": "es",
"value": "Rockwell Automation MicroLogix 1400 Controllers Series B versiones v21.001 y anteriores, Series A, todas las versiones, MicroLogix 1100 Controller, todas las versiones, RSLogix 500 Software versiones v12.001 y anteriores, si los datos de la cuenta Simple Mail Transfer Protocol (SMTP) se guardan en RSLogix 500, un atacante local con acceso al proyecto de una v\u00edctima puede recopilar datos de autenticaci\u00f3n del servidor SMTP tal y como est\u00e1n escritos en el archivo del proyecto en texto sin cifrar."
}
],
"id": "CVE-2020-6980",
"lastModified": "2024-11-21T05:36:25.563",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-03-16T16:15:14.610",
"references": [
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-070-06"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-070-06"
}
],
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-312"
}
],
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-312"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-03-16 16:15
Modified
2024-11-21 05:36
Severity ?
Summary
Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior, The cryptographic key utilized to help protect the account password is hard coded into the RSLogix 500 binary file. An attacker could identify cryptographic keys and use it for further cryptographic attacks that could ultimately lead to a remote attacker gaining unauthorized access to the controller.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| ics-cert@hq.dhs.gov | https://www.us-cert.gov/ics/advisories/icsa-20-070-06 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.us-cert.gov/ics/advisories/icsa-20-070-06 | Third Party Advisory, US Government Resource |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:rockwellautomation:micrologix_1400_a_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "614FFE85-E795-4590-B83D-87D759BA2AE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rockwellautomation:micrologix_1400_b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "344EE9F6-1E89-4BCA-BDED-800F274D7845",
"versionEndIncluding": "21.001",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:rockwellautomation:micrologix_1400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "196EA0BE-FDF3-46BE-B3DA-5F49208C5D80",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:rockwellautomation:micrologix_1100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D5252A0C-A923-4BA0-A857-9BF21F8BF79B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:rockwellautomation:micrologix_1100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA42C7F4-EEC1-44D2-BD46-237969FF6E1A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rockwellautomation:rslogix_500:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F8A9694E-1C9E-4DF4-B91F-753A5FB4CDD6",
"versionEndIncluding": "12.001",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior, The cryptographic key utilized to help protect the account password is hard coded into the RSLogix 500 binary file. An attacker could identify cryptographic keys and use it for further cryptographic attacks that could ultimately lead to a remote attacker gaining unauthorized access to the controller."
},
{
"lang": "es",
"value": "Rockwell Automation MicroLogix 1400 Controllers Series B versiones v21.001 y anteriores, Series A, todas las versiones, MicroLogix 1100 Controller, todas las versiones, RSLogix 500 Software versiones v12.001 y anteriores; La clave criptogr\u00e1fica usada para ayudar a proteger la contrase\u00f1a de cuenta est\u00e1 embebida en el archivo binario de RSLogix 500. Un atacante podr\u00eda identificar claves criptogr\u00e1ficas y usarlas para nuevos ataques criptogr\u00e1ficos que finalmente podr\u00edan conllevar a que un atacante remoto consiga acceso no autorizado al controlador."
}
],
"id": "CVE-2020-6990",
"lastModified": "2024-11-21T05:36:26.807",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-03-16T16:15:14.843",
"references": [
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-070-06"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-070-06"
}
],
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-321"
}
],
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-798"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-03-16 16:15
Modified
2024-11-21 05:36
Severity ?
Summary
Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior, The cryptographic function utilized to protect the password in MicroLogix is discoverable.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| ics-cert@hq.dhs.gov | https://www.us-cert.gov/ics/advisories/icsa-20-070-06 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.us-cert.gov/ics/advisories/icsa-20-070-06 | Third Party Advisory, US Government Resource |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:rockwellautomation:micrologix_1400_a_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "614FFE85-E795-4590-B83D-87D759BA2AE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rockwellautomation:micrologix_1400_b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "344EE9F6-1E89-4BCA-BDED-800F274D7845",
"versionEndIncluding": "21.001",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:rockwellautomation:micrologix_1400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "196EA0BE-FDF3-46BE-B3DA-5F49208C5D80",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:rockwellautomation:micrologix_1100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D5252A0C-A923-4BA0-A857-9BF21F8BF79B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:rockwellautomation:micrologix_1100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA42C7F4-EEC1-44D2-BD46-237969FF6E1A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rockwellautomation:rslogix_500:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F8A9694E-1C9E-4DF4-B91F-753A5FB4CDD6",
"versionEndIncluding": "12.001",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior, The cryptographic function utilized to protect the password in MicroLogix is discoverable."
},
{
"lang": "es",
"value": "Rockwell Automation MicroLogix 1400 Controllers Series B versiones v21.001 y anteriores, Series A, todas las versiones, MicroLogix 1100 Controller, todas las versiones, RSLogix 500 Software versiones v12.001 y anteriores. La funci\u00f3n criptogr\u00e1fica usada para proteger la contrase\u00f1a en MicroLogix es detectable."
}
],
"id": "CVE-2020-6984",
"lastModified": "2024-11-21T05:36:26.053",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-03-16T16:15:14.670",
"references": [
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-070-06"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-070-06"
}
],
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-327"
}
],
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-327"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-03-16 16:15
Modified
2024-11-21 05:36
Severity ?
Summary
Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior, A remote, unauthenticated attacker can send a request from the RSLogix 500 software to the victim’s MicroLogix controller. The controller will then respond to the client with used password values to authenticate the user on the client-side. This method of authentication may allow an attacker to bypass authentication altogether, disclose sensitive information, or leak credentials.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| ics-cert@hq.dhs.gov | https://www.us-cert.gov/ics/advisories/icsa-20-070-06 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.us-cert.gov/ics/advisories/icsa-20-070-06 | Third Party Advisory, US Government Resource |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:rockwellautomation:micrologix_1400_a_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "614FFE85-E795-4590-B83D-87D759BA2AE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rockwellautomation:micrologix_1400_b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "344EE9F6-1E89-4BCA-BDED-800F274D7845",
"versionEndIncluding": "21.001",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:rockwellautomation:micrologix_1400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "196EA0BE-FDF3-46BE-B3DA-5F49208C5D80",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:rockwellautomation:micrologix_1100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D5252A0C-A923-4BA0-A857-9BF21F8BF79B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:rockwellautomation:micrologix_1100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA42C7F4-EEC1-44D2-BD46-237969FF6E1A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rockwellautomation:rslogix_500:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F8A9694E-1C9E-4DF4-B91F-753A5FB4CDD6",
"versionEndIncluding": "12.001",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior, A remote, unauthenticated attacker can send a request from the RSLogix 500 software to the victim\u2019s MicroLogix controller. The controller will then respond to the client with used password values to authenticate the user on the client-side. This method of authentication may allow an attacker to bypass authentication altogether, disclose sensitive information, or leak credentials."
},
{
"lang": "es",
"value": "Rockwell Automation MicroLogix 1400 Controllers Series B versiones v21.001 y anteriores, Series A, todas las versiones, MicroLogix 1100 Controller, todas las versiones, RSLogix 500 Software versiones v12.001 y anteriores, un atacante no autenticado remoto puede enviar una petici\u00f3n desde el software RSLogix 500 hacia el controlador MicroLogix de la v\u00edctima. El controlador responder\u00e1 al cliente con los valores de contrase\u00f1a usados para autenticar al usuario en el lado del cliente. Este m\u00e9todo de autenticaci\u00f3n puede permitir a un atacante omitir la autenticaci\u00f3n por completo, revelar informaci\u00f3n confidencial o filtrar credenciales."
}
],
"id": "CVE-2020-6988",
"lastModified": "2024-11-21T05:36:26.567",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-03-16T16:15:14.767",
"references": [
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-070-06"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-070-06"
}
],
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-603"
}
],
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2020-6984 (GCVE-0-2020-6984)
Vulnerability from cvelistv5
Published
2020-03-16 15:41
Modified
2024-08-04 09:18
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-327 - USE OF A BROKEN OR RISKY ALGORITHM FOR PASSWORD PROTECTION USE OF CLIENT-SIDE AUTHENTICATION
Summary
Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior, The cryptographic function utilized to protect the password in MicroLogix is discoverable.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior |
Version: Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:18:02.527Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-070-06"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior, The cryptographic function utilized to protect the password in MicroLogix is discoverable."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-327",
"description": "USE OF A BROKEN OR RISKY ALGORITHM FOR PASSWORD PROTECTION USE OF CLIENT-SIDE AUTHENTICATION CWE-327",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-16T15:41:13",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-070-06"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2020-6984",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior",
"version": {
"version_data": [
{
"version_value": "Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior, The cryptographic function utilized to protect the password in MicroLogix is discoverable."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "USE OF A BROKEN OR RISKY ALGORITHM FOR PASSWORD PROTECTION USE OF CLIENT-SIDE AUTHENTICATION CWE-327"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.us-cert.gov/ics/advisories/icsa-20-070-06",
"refsource": "MISC",
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-070-06"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2020-6984",
"datePublished": "2020-03-16T15:41:13",
"dateReserved": "2020-01-14T00:00:00",
"dateUpdated": "2024-08-04T09:18:02.527Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-6980 (GCVE-0-2020-6980)
Vulnerability from cvelistv5
Published
2020-03-16 15:36
Modified
2024-08-04 09:18
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-312 - CLEARTEXT STORAGE OF SENSITIVE INFORMATION
Summary
Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior, If Simple Mail Transfer Protocol (SMTP) account data is saved in RSLogix 500, a local attacker with access to a victim’s project may be able to gather SMTP server authentication data as it is written to the project file in cleartext.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior |
Version: Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:18:02.979Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-070-06"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior, If Simple Mail Transfer Protocol (SMTP) account data is saved in RSLogix 500, a local attacker with access to a victim\u2019s project may be able to gather SMTP server authentication data as it is written to the project file in cleartext."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-312",
"description": "CLEARTEXT STORAGE OF SENSITIVE INFORMATION CWE-312",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-16T15:36:51",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-070-06"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2020-6980",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior",
"version": {
"version_data": [
{
"version_value": "Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior, If Simple Mail Transfer Protocol (SMTP) account data is saved in RSLogix 500, a local attacker with access to a victim\u2019s project may be able to gather SMTP server authentication data as it is written to the project file in cleartext."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CLEARTEXT STORAGE OF SENSITIVE INFORMATION CWE-312"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.us-cert.gov/ics/advisories/icsa-20-070-06",
"refsource": "MISC",
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-070-06"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2020-6980",
"datePublished": "2020-03-16T15:36:51",
"dateReserved": "2020-01-14T00:00:00",
"dateUpdated": "2024-08-04T09:18:02.979Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-6990 (GCVE-0-2020-6990)
Vulnerability from cvelistv5
Published
2020-03-16 15:39
Modified
2024-08-04 09:18
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-321 - USE OF HARD-CODED CRYPTOGRAPHIC KEY
Summary
Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior, The cryptographic key utilized to help protect the account password is hard coded into the RSLogix 500 binary file. An attacker could identify cryptographic keys and use it for further cryptographic attacks that could ultimately lead to a remote attacker gaining unauthorized access to the controller.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior |
Version: Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:18:02.522Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-070-06"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior, The cryptographic key utilized to help protect the account password is hard coded into the RSLogix 500 binary file. An attacker could identify cryptographic keys and use it for further cryptographic attacks that could ultimately lead to a remote attacker gaining unauthorized access to the controller."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-321",
"description": "USE OF HARD-CODED CRYPTOGRAPHIC KEY CWE-321",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-16T15:39:45",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-070-06"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2020-6990",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior",
"version": {
"version_data": [
{
"version_value": "Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior, The cryptographic key utilized to help protect the account password is hard coded into the RSLogix 500 binary file. An attacker could identify cryptographic keys and use it for further cryptographic attacks that could ultimately lead to a remote attacker gaining unauthorized access to the controller."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "USE OF HARD-CODED CRYPTOGRAPHIC KEY CWE-321"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.us-cert.gov/ics/advisories/icsa-20-070-06",
"refsource": "MISC",
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-070-06"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2020-6990",
"datePublished": "2020-03-16T15:39:45",
"dateReserved": "2020-01-14T00:00:00",
"dateUpdated": "2024-08-04T09:18:02.522Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-6988 (GCVE-0-2020-6988)
Vulnerability from cvelistv5
Published
2020-03-16 15:38
Modified
2024-08-04 09:18
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-603 - USE OF CLIENT-SIDE AUTHENTICATION
Summary
Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior, A remote, unauthenticated attacker can send a request from the RSLogix 500 software to the victim’s MicroLogix controller. The controller will then respond to the client with used password values to authenticate the user on the client-side. This method of authentication may allow an attacker to bypass authentication altogether, disclose sensitive information, or leak credentials.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior |
Version: Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:18:02.514Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-070-06"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior, A remote, unauthenticated attacker can send a request from the RSLogix 500 software to the victim\u2019s MicroLogix controller. The controller will then respond to the client with used password values to authenticate the user on the client-side. This method of authentication may allow an attacker to bypass authentication altogether, disclose sensitive information, or leak credentials."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-603",
"description": "USE OF CLIENT-SIDE AUTHENTICATION CWE-603",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-16T15:38:36",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-070-06"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2020-6988",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior",
"version": {
"version_data": [
{
"version_value": "Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior, A remote, unauthenticated attacker can send a request from the RSLogix 500 software to the victim\u2019s MicroLogix controller. The controller will then respond to the client with used password values to authenticate the user on the client-side. This method of authentication may allow an attacker to bypass authentication altogether, disclose sensitive information, or leak credentials."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "USE OF CLIENT-SIDE AUTHENTICATION CWE-603"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.us-cert.gov/ics/advisories/icsa-20-070-06",
"refsource": "MISC",
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-070-06"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2020-6988",
"datePublished": "2020-03-16T15:38:36",
"dateReserved": "2020-01-14T00:00:00",
"dateUpdated": "2024-08-04T09:18:02.514Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}