Affected configuration(s):
cpe:/a:rockwellautomation:rslogix_5000_design_and_configuration_software:7.0
cpe:/a:rockwellautomation:rslogix_5000_design_and_configuration_software:18.0
cpe:/a:rockwellautomation:rslogix_5000_design_and_configuration_software:20.01
cpe:/a:rockwellautomation:rslogix_5000_design_and_configuration_software:21.0
Date published: 2014-02-05T00:15:29.930-05:00
Date last modified: 2017-08-28T21:34:15.327-04:00
CVSS Score: 6.9
Principal attack vector: LOCAL
Complexity: MEDIUM
Reference URL: http://ics-cert.us-cert.gov/advisories/ICSA-14-021-01
Summary: Rockwell Automation RSLogix 5000 7 through 20.01, and 21.0, does not properly implement password protection for .ACD files (aka project files), which allows local users to obtain sensitive information or modify data via unspecified vectors.