PT-2014-3818 · Rockwell Automation · Rslogix 5000

Published

2014-02-05

Updated

2025-09-19

CVE-2014-0755

CVSS v2.0

6.3

Medium

Vector

AV:L/AC:M/Au:N/C:C/I:C/A:N

Name of the Vulnerable Software and Affected Versions Rockwell Automation RSLogix 5000 versions 7 through 20.01 Rockwell Automation RSLogix 5000 version 21.0

Description The issue is related to the improper implementation of password protection for .ACD files, also known as project files. This allows local users to obtain sensitive information or modify data.

Recommendations For Rockwell Automation RSLogix 5000 versions 7 through 20.01, consider restricting access to .ACD files to minimize the risk of exploitation. For Rockwell Automation RSLogix 5000 version 21.0, consider restricting access to .ACD files to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Insufficiently Protected Credentials

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-522CWE-255

Related Identifiers

CVE-2014-0755

Affected Products

Rslogix 5000

PT-2014-3818 · Rockwell Automation · Rslogix 5000

CVE-2014-0755

Weakness Enumeration

Related Identifiers

Affected Products

References · 8