Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveIcscertCVE-2014-0755
HistoryFeb 05, 2014 - 5:15 a.m.

CVE-2014-0755

2014-02-0505:15:29
CWE-255
icscert
web.nvd.nist.gov
24
cve-2014-0755
rockwell automation
rslogix 5000
local privilege escalation
password protection
nvd

CVSS2

6.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

AI Score

6.1

Confidence

Low

EPSS

0.001

Percentile

26.1%

JSON

Rockwell Automation RSLogix 5000 7 through 20.01, and 21.0, does not properly implement password protection for .ACD files (aka project files), which allows local users to obtain sensitive information or modify data via unspecified vectors.

Affected configurations

Nvd
Node
rockwellautomationrslogix_5000_design_and_configuration_softwareMatch7.0
OR
rockwellautomationrslogix_5000_design_and_configuration_softwareMatch18.0
OR
rockwellautomationrslogix_5000_design_and_configuration_softwareMatch20.01
OR
rockwellautomationrslogix_5000_design_and_configuration_softwareMatch21.0
AND
rockwellautomationlogix_5000_controllerMatch-
VendorProductVersionCPE
rockwellautomationrslogix_5000_design_and_configuration_software7.0cpe:2.3:a:rockwellautomation:rslogix_5000_design_and_configuration_software:7.0:*:*:*:*:*:*:*
rockwellautomationrslogix_5000_design_and_configuration_software18.0cpe:2.3:a:rockwellautomation:rslogix_5000_design_and_configuration_software:18.0:*:*:*:*:*:*:*
rockwellautomationrslogix_5000_design_and_configuration_software20.01cpe:2.3:a:rockwellautomation:rslogix_5000_design_and_configuration_software:20.01:*:*:*:*:*:*:*
rockwellautomationrslogix_5000_design_and_configuration_software21.0cpe:2.3:a:rockwellautomation:rslogix_5000_design_and_configuration_software:21.0:*:*:*:*:*:*:*
rockwellautomationlogix_5000_controller-cpe:2.3:h:rockwellautomation:logix_5000_controller:-:*:*:*:*:*:*:*

Related

nvd 1
nessus 2
prion 1
ics 1
cvelist 1
nvd
nvd
CVE-2014-0755
2014-02-05 05:15:29
nessus
nessus
Rockwellautomation Rslogix Unspecified Vulnerability
2019-11-08 00:00:00
Rockwell (CVE-2014-0755) (deprecated)
2022-02-07 00:00:00
prion
prion
Design/Logic Flaw
2014-02-05 05:15:00
ics
ics
Rockwell RSLogix 5000 Password Vulnerability
2018-09-06 12:00:00
cvelist
cvelist
CVE-2014-0755
2014-02-05 02:00:00

CVSS2

6.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

AI Score

6.1

Confidence

Low

EPSS

0.001

Percentile

26.1%

JSON
Related for CVE-2014-0755
nvd1nessus2prion1ics1cvelist1