CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
26.1%
Rockwell Automation RSLogix 5000 7 through 20.01, and 21.0, does not properly implement password protection for .ACD files (aka project files), which allows local users to obtain sensitive information or modify data via unspecified vectors.
Vendor | Product | Version | CPE |
---|---|---|---|
rockwellautomation | rslogix_5000_design_and_configuration_software | 7.0 | cpe:2.3:a:rockwellautomation:rslogix_5000_design_and_configuration_software:7.0:*:*:*:*:*:*:* |
rockwellautomation | rslogix_5000_design_and_configuration_software | 18.0 | cpe:2.3:a:rockwellautomation:rslogix_5000_design_and_configuration_software:18.0:*:*:*:*:*:*:* |
rockwellautomation | rslogix_5000_design_and_configuration_software | 20.01 | cpe:2.3:a:rockwellautomation:rslogix_5000_design_and_configuration_software:20.01:*:*:*:*:*:*:* |
rockwellautomation | rslogix_5000_design_and_configuration_software | 21.0 | cpe:2.3:a:rockwellautomation:rslogix_5000_design_and_configuration_software:21.0:*:*:*:*:*:*:* |
rockwellautomation | logix_5000_controller | - | cpe:2.3:h:rockwellautomation:logix_5000_controller:-:*:*:*:*:*:*:* |