CVE-2019-10955
published 2019-04-25
CVE-2019-10955: In Rockwell Automation MicroLogix 1400 Controllers Series A, All Versions Series B, v15.002 and earlier, MicroLogix 1100 Controllers v14.00 and earlier…
Priority P433 | medium | 6.1 | CVSS 3.1
AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS: 3.04% (85.9th percentile)
In Rockwell Automation MicroLogix 1400 Controllers Series A, All Versions Series B, v15.002 and earlier, MicroLogix 1100 Controllers v14.00 and earlier, CompactLogix 5370 L1 controllers v30.014 and earlier, CompactLogix 5370 L2 controllers v30.014 and earlier, CompactLogix 5370 L3 controllers (includes CompactLogix GuardLogix controllers) v30.014 and earlier, an open redirect vulnerability could allow a remote unauthenticated attacker to input a malicious link to redirect users to a malicious site that could run or download arbitrary malware on the user’s machine.
Affected
12 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| rockwell_automation | compactlogix_5370_l1_controllers | — | — |
| rockwell_automation | compactlogix_5370_l2_controllers | — | — |
| rockwell_automation | compactlogix_5370_l3_controllers | — | — |
| rockwell_automation | micrologix_1100_controllers | — | — |
| rockwell_automation | micrologix_1400_controllers | — | — |
| rockwell_automation | micrologix_1400_controllers | — | — |
| rockwell_automation | micrologix_1400_controllers | — | — |
| rockwellautomation | compactlogix_5370_l1_firmware | <= 30.014 | — |
| rockwellautomation | compactlogix_5370_l2_firmware | <= 30.014 | — |
| rockwellautomation | compactlogix_5370_l3_firmware | <= 30.014 | — |
| rockwellautomation | micrologix_1100_firmware | <= 14.00 | — |
| rockwellautomation | micrologix_1400_b_firmware | <= 15.002 | — |
CVSS provenance
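| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
| nvd | v3.0 | 6.1 | MEDIUM | CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
| nvd | v2.0 | 5.8 | MEDIUM | AV:N/AC:M/Au:N/C:P/I:P/A:N |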
GHSA
GHSA-vm5j-x654-r2ww: In Rockwell Automation MicroLogix 1400 Controllers Series A, All Versions Series B, v15
ghsa_unreviewed·2022-05-24
CVE-2019-10955 [MEDIUM] GHSA-vm5j-x654-r2ww: In Rockwell Automation MicroLogix 1400 Controllers Series A, All Versions Series B, v15
In Rockwell Automation MicroLogix 1400 Controllers Series A, All Versions Series B, v15.002 and earlier, MicroLogix 1100 Controllers v14.00 and earlier, CompactLogix 5370 L1 controllers v30.014 and earlier, CompactLogix 5370 L2 controllers v30.014 and earlier, CompactLogix 5370 L3 controllers (includes CompactLogix GuardLogix controllers) v30.014 and earlier, an open redirect vulnerability could allow a remote unauthenticated attacker to input a malicious link to redirect users to a malicious site that could run or download arbitrary malware on the user’s machine.
CISA ICS
Rockwell Automation MicroLogix 1400 and CompactLogix 5370 Controllers
cisa_ics·2019-04-23·CVSS 6.1
[MEDIUM] Rockwell Automation MicroLogix 1400 and CompactLogix 5370 Controllers
ICS Advisory
## Rockwell Automation MicroLogix 1400 and CompactLogix 5370 Controllers
Last Revised: April 23, 2019
Alert Code: ICSA-19-113-01
## 1. EXECUTIVE SUMMARY
- CVSS v3 7.1
- ATTENTION: Exploitable remotely/low skill level to exploit
- Vendor: Rockwell Automation
- Equipment: MicroLogix 1400 and CompactLogix 5370 Controllers
- Vulnerability: Open Redirect
## 2. RISK EVALUATION
Successful exploitation of this vulnerability could allow a remote unauthenticated attacker to input a malicious link redirecting users to a malicious website.
## 3. TECHNICAL DETAILS
## 3.1 AFFECTED PRODUCTS
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
Published: 2019-04-25