CVE-2010-5305
Last modified
CVE-2010-5305 is a vulnerability of currently unknown severity. The potential exists for exposure of the product's password used to restrict unauthorized access to Rockwell PLC5/SLC5/0x/RSLogix 1785-Lx and 1747-L5x controllers. The potential exists for an unauthorized programming and configuration client to gain access to the product and allow changes to the product’s configuration or program. EPSS estimates a 5.70% chance of exploitation in the next 30 days.
Description
The potential exists for exposure of the product's password used to restrict unauthorized access to Rockwell PLC5/SLC5/0x/RSLogix 1785-Lx and 1747-L5x controllers. The potential exists for an unauthorized programming and configuration client to gain access to the product and allow changes to the product’s configuration or program. When applicable, upgrade product firmware to a version that includes enhanced security functionality compatible with Rockwell Automation's FactoryTalk Security services.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Rockwellautomation | Rslogix | All versions |
| Rockwellautomation | Plc5 1785-Lx Firmware | All versions |
| Rockwellautomation | Slc5\/01 1747-L5x Firmware | All versions |
References
- https://ics-cert.us-cert.gov/advisories/ICSA-10-070-02Mitigation, Third Party Advisory, US Government Resource
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2010-5305?
How severe is CVE-2010-5305?
How do I fix CVE-2010-5305?
Are you affected by CVE-2010-5305?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST