Description
A vulnerability exists in Rockwell Automation affected products that allows a threat actor to bypass the Trusted® Slot feature in a ControlLogix® controller. If exploited on any affected module in a 1756 chassis, a threat actor could potentially execute CIP commands that modify user projects and/or device configuration on a Logix controller in the chassis.
CVSS breakdown
CVSS 4.0
Attack Vector
Network
Attack Complexity
Low
Attack Requirements
Present
Privileges Required
Low
User Interaction
None
Confidentiality (Vulnerable System)
Low
Integrity (Vulnerable System)
High
Availability (Vulnerable System)
High
Confidentiality (Subsequent System)
Low
Integrity (Subsequent System)
High
Availability (Subsequent System)
High
Affected products
- Rockwell Automation / 1756-EN2Fv5.007(unsigned)/v5.027(signed) – v5.007(unsigned)/v5.027(signed)
- Rockwell Automation / 1756-EN2F1756-EN2F/C: V10.009 – 1756-EN2F/C: V10.009
- Rockwell Automation / 1756-EN2Tv5.007(unsigned)/v5.027(signed) – v5.007(unsigned)/v5.027(signed)
- Rockwell Automation / 1756-EN2T1756-EN2T/D: V10.006 – 1756-EN2T/D: V10.006
- Rockwell Automation / 1756-EN2TP1756-EN2TP/A: V10.020 – 1756-EN2TP/A: V10.020
- Rockwell Automation / 1756-EN2TR1756-EN2TR/C: V10.007 – 1756-EN2TR/C: V10.007
- Rockwell Automation / 1756-EN2TRv5.007(unsigned)/v5.027(signed) – v5.007(unsigned)/v5.027(signed)
- Rockwell Automation / 1756-EN3TRv5.007(unsigned)/v5.027(signed) – v5.007(unsigned)/v5.027(signed)
- Rockwell Automation / 1756-EN3TR1756-EN3TR/B: V10.007 – 1756-EN3TR/B: V10.007
- Rockwell Automation / 1756-EN4TRV2 – V2
- Rockwell Automation / ControlLogix® 5580 (1756- L8z)V28 – V28
- Rockwell Automation / GuardLogix 5580 (1756- L8zS)V31 – V31