Описание
Rockwell Automation MicroLogix 1400 PLC 1766-L32BWA, 1766-L32AWA, 1766-L32BXB, 1766-L32BWAA, 1766-L32AWAA, and 1766-L32BXBA devices have a hardcoded SNMP community, which makes it easier for remote attackers to load arbitrary firmware updates by leveraging knowledge of this community.
Ссылки
- MitigationThird Party AdvisoryUS Government Resource
- MitigationThird Party AdvisoryUS Government Resource
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:h:rockwellautomation:1766-l32awa:-:*:*:*:*:*:*:*
cpe:2.3:h:rockwellautomation:1766-l32awaa:-:*:*:*:*:*:*:*
cpe:2.3:h:rockwellautomation:1766-l32bwa:-:*:*:*:*:*:*:*
cpe:2.3:h:rockwellautomation:1766-l32bwaa:-:*:*:*:*:*:*:*
cpe:2.3:h:rockwellautomation:1766-l32bxb:-:*:*:*:*:*:*:*
cpe:2.3:h:rockwellautomation:1766-l32bxba:-:*:*:*:*:*:*:*
EPSS
Процентиль: 97%
0.30312
Средний
7.3 High
CVSS3
7.5 High
CVSS2
Дефекты
CWE-284
Связанные уязвимости
CVSS3: 7.3
github
больше 3 лет назад
Rockwell Automation MicroLogix 1400 PLC 1766-L32BWA, 1766-L32AWA, 1766-L32BXB, 1766-L32BWAA, 1766-L32AWAA, and 1766-L32BXBA devices have a hardcoded SNMP community, which makes it easier for remote attackers to load arbitrary firmware updates by leveraging knowledge of this community.
EPSS
Процентиль: 97%
0.30312
Средний
7.3 High
CVSS3
7.5 High
CVSS2
Дефекты
CWE-284