CVE-2020-6984
Published 2020-03-16
CVE-2020-6984: Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500…
Priority P3 · 44 · high · 7.5 · CVSS 3.1
AV:N / AC:L / PR:N / UI:N / S:U / C:H / I:N / A:N
EPSS: 2.75% (84.4th percentile)
In Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A (all versions), MicroLogix 1100 Controller (all versions), and RSLogix 500 Software v12.001 and prior, the cryptographic function utilized to protect the password in MicroLogix is discoverable.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| rockwellautomation | micrologix_1400_b_firmware | <= 21.001 | — |
| rockwellautomation | rslogix_500 | <= 12.001 | — |
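CVSS provenance
| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
| nvd | v2.0 | 5.0 | MEDIUM | AV:N/AC:L/Au:N/C:P/I:N/A:N |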
CISA ICS
Rockwell Automation MicroLogix Controllers and RSLogix 500 Software
cisa_ics·2020-03-10·CVSS 9.8
[CRITICAL] Rockwell Automation MicroLogix Controllers and RSLogix 500 Software
ICS Advisory
## Rockwell Automation MicroLogix Controllers and RSLogix 500 Software
Last Revised: March 10, 2020
Alert Code: ICSA-20-070-06
## 1. EXECUTIVE SUMMARY
- CVSS v3 9.8
- ATTENTION: Exploitable remotely/low skill level to exploit
- Vendor: Rockwell Automation
- Equipment: MicroLogix 1400 Controllers, MicroLogix 1100 Controllers, and RSLogix 500 Software
- Vulnerabilities: Use of Hard-coded Cryptographic Key, Use of a Broken or Risky Algorithm for Password Protection, Use of Client-Side Authentication, Cleartext Storage of Sensitive Information
## 2. RISK EVALUATION
Successful exploit
GHSA
GHSA-f7cx-mjqx-2qmw: Rockwell Automation MicroLogix 1400 Controllers Series B v21
ghsa_unreviewed·2022-05-24
CVE-2020-6984 [MEDIUM] GHSA-f7cx-mjqx-2qmw: Rockwell Automation MicroLogix 1400 Controllers Series B v21
In Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A (all versions), MicroLogix 1100 Controller (all versions), and RSLogix 500 Software v12.001 and prior, the cryptographic function utilized to protect the password in MicroLogix is discoverable.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
Published: 2020-03-16