PT-2020-1767 · Rockwell Automation · Rslogix 500+2

Published 2020-03-05 · Updated 2020-03-20 · CVE-2020-6988

CVSS v2.0: 7.8 (High)

Vector: AV:N/AC:L/Au:N/C:C/I:N/A:N
Name of the Vulnerable Software and Affected Versions

Rockwell Automation MicroLogix 1400 Controllers Series B versions 21.001 and prior
Rockwell Automation MicroLogix 1400 Controllers Series A, all versions
Rockwell Automation MicroLogix 1100 Controller, all versions
RSLogix 500 Software versions 12.001 and prior

Description

A remote, unauthenticated attacker can send a request from the RSLogix 500 software to the victim’s MicroLogix controller, potentially allowing the attacker to bypass authentication, disclose sensitive information, or leak credentials. The vulnerability is related to the use of client-side authentication in the RSLogix 500 software and the MicroLogix 1100 and MicroLogix 1400 programmable logic controllers.

Recommendations

For Rockwell Automation MicroLogix 1400 Controllers Series B versions 21.001 and prior, consider disabling the authentication mechanism that relies on client-side password values until a patch is available.
For Rockwell Automation MicroLogix 1400 Controllers Series A, all versions, restrict access to the controller to minimize the risk of exploitation.
For Rockwell Automation MicroLogix 1100 Controller, all versions, avoid using the vulnerable authentication method in the RSLogix 500 software until the issue is resolved.
For RSLogix 500 Software versions 12.001 and prior, consider implementing additional security measures, such as restricting access to the software, to minimize the risk of exploitation.

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Weakness Enumeration

Improper Authentication

Related Identifiers

BDU:2020-01008
CVE-2020-6988

Affected Products

Micrologix 1100 Controller
Micrologix 1400 Controllers Series A
Rslogix 500