Description
Rockwell Automation MicroLogix 1400 PLC 1766-L32BWA, 1766-L32AWA, 1766-L32BXB, 1766-L32BWAA, 1766-L32AWAA, and 1766-L32BXBA devices have a hardcoded SNMP community, which makes it easier for remote attackers to load arbitrary firmware updates by leveraging knowledge of this community.
References (2)
Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/92428
Mitigation, Third Party Advisory, US Government Resource x_refsource_misc
https://ics-cert.us-cert.gov/advisories/ICSA-16-224-01
Scores
CVSS v3
7.3
EPSS
0.3031
EPSS Percentile
96.8%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Details
CWE
CWE-284
Status
published
Products (6)
rockwellautomation/1766-l32awa
rockwellautomation/1766-l32awaa
rockwellautomation/1766-l32bwa
rockwellautomation/1766-l32bwaa
rockwellautomation/1766-l32bxb
rockwellautomation/1766-l32bxba
Published
Aug 24, 2016
Tracked Since
Feb 18, 2026