CVE-2020-6984

Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior, The cryptographic function utilized to protect the password in MicroLogix is discoverable.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
icscertCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 42%
VendorProductVersion
rockwellautomationmicrologix_1400_a_firmware
*
rockwellautomationmicrologix_1400_b_firmware
𝑥
≤ 21.001
rockwellautomationmicrologix_1100_firmware
*
rockwellautomationrslogix_500
𝑥
≤ 12.001
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://www.us-cert.gov/ics/advisories/icsa-20-070-06
https://www.us-cert.gov/ics/advisories/icsa-20-070-06