Rockwell Automation EtherNet/IP products; 1756-ENBT, 1756-EWEB, 1768-ENBT, and 1768-EWEB communication modules; CompactLogix L32E and L35E controllers; 1788-ENBT FLEXLogix adapter; 1794-AENTR FLEX I/O EtherNet/IP adapter; ControlLogix 18 and previous versions; CompactLogix 18 and previous versions; GuardLogix 18 and previous versions; SoftLogix 18 and previous versions; CompactLogix controllers 19 and previous versions; SoftLogix controllers 19 and previous versions; ControlLogix controllers 20 and previous versions; GuardLogix controllers 20 and previous versions; and MicroLogix 1100 and 1400 do not properly perform authentication for Ethernet firmware updates, which allows remote malicious users to execute arbitrary code via a Trojan horse update image.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
rockwellautomation controllogix |
||
rockwellautomation compactlogix |
||
rockwellautomation guardlogix |
||
rockwellautomation softlogix |
||
rockwellautomation compactlogix l32e controller - |
||
rockwellautomation 1794-aentr flex i\\/o ethernet\\/ip adapter - |
||
rockwellautomation compactlogix controllers |
||
rockwellautomation controllogix controllers |
||
rockwellautomation 1756-enbt - |
||
rockwellautomation 1756-eweb - |
||
rockwellautomation 1768-enbt - |
||
rockwellautomation 1768-eweb - |
||
rockwellautomation micrologix |
||
rockwellautomation compactlogix l35e controller - |
||
rockwellautomation flexlogix 1788-enbt adapter - |
||
rockwellautomation softlogix controllers |
||
rockwellautomation guardlogix controllers |
Vulmon