Description

A vulnerability exists in Rockwell Automation affected products that allows a threat actor to bypass the Trusted® Slot feature in a ControlLogix® controller. If exploited on any affected module in a 1756 chassis, a threat actor could potentially execute CIP commands that modify user projects and/or device configuration on a Logix controller in the chassis.

Related CPE's

Could not find any relations

References

https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1682.html

Weaknesses

[email protected]

Secondary
CWE-420

CVSS impact metrics

CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:H/VA:H/SC:L/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

7.3 · High

Information

Source identifier

[email protected]

Vulnerability status

Awaiting analysis

Published

2024-08-01T14:15:07.013Z

1 year ago

Last modified

2024-08-01T14:45:25.400Z

1 year ago