CVE-2014-0755

Rockwell Automation RSLogix 5000 7 through 20.01, and 21.0, does not properly implement password protection for .ACD files (aka project files), which allows local users to obtain sensitive information or modify data via unspecified vectors.
Severity
UNKNOWN
AV:L/AC:M/Au:N/C:C/I:C/A:C
Atk. Vector
LOCAL
Atk. Complexity
MEDIUM
Base Score
CVSS 3.x
EPSS Score
Percentile: 39%
VendorProductVersion
rockwellautomationrslogix_5000_design_and_configuration_software
7.0
rockwellautomationrslogix_5000_design_and_configuration_software
18.0
rockwellautomationrslogix_5000_design_and_configuration_software
20.01
rockwellautomationrslogix_5000_design_and_configuration_software
21.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://ics-cert.us-cert.gov/advisories/ICSA-14-021-01
http://osvdb.org/102858
http://www.securityfocus.com/bid/65337
https://exchange.xforce.ibmcloud.com/vulnerabilities/90981
http://ics-cert.us-cert.gov/advisories/ICSA-14-021-01
http://osvdb.org/102858
http://www.securityfocus.com/bid/65337
https://exchange.xforce.ibmcloud.com/vulnerabilities/90981