CVE-2010-5305
CRITICALRockwell PLC5/SLC5/0x/RSLogix 1785-Lx and 1747-L5x - Info Disclosure
Title source: llmDescription
The potential exists for exposure of the product's password used to restrict unauthorized access to Rockwell PLC5/SLC5/0x/RSLogix 1785-Lx and 1747-L5x controllers. The potential exists for an unauthorized programming and configuration client to gain access to the product and allow changes to the product’s configuration or program. When applicable, upgrade product firmware to a version that includes enhanced security functionality compatible with Rockwell Automation's FactoryTalk Security services.
References (3)
Core 3
Core References
Various Sources
http://rockwellautomation.custhelp.com/app/answers/detail/a_id/66684/kw/vulnerability/r_id/115100
Mitigation, Third Party Advisory, US Government Resource
https://ics-cert.us-cert.gov/advisories/ICSA-10-070-02
Third Party Advisory, US Government Resource x_refsource_misc
https://www.cisa.gov/news-events/ics-advisories/icsa-10-070-02
Scores
CVSS v3
9.8
EPSS
0.0112
EPSS Percentile
78.5%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-284
CWE-255
Status
published
Products (3)
rockwellautomation/plc5_1785-lx_firmware
rockwellautomation/rslogix
rockwellautomation/slc5\/01_1747-l5x_firmware
Published
Mar 26, 2019
Tracked Since
Feb 18, 2026