CVE-2017-7914

Published: Jun 14, 2017Modified: May 13, 2026

8.6

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H

Exploitability: 3.9 / Impact: 4.7

Source: NVD

Description

A Missing Authorization issue was discovered in Rockwell Automation PanelView Plus 6 700-1500 6.00.04, 6.00.05, 6.00.42, 6.00-20140306, 6.10.20121012, 6.10-20140122, 7.00-20121012, 7.00-20130108, 7.00-20130325, 7.00-20130619, 7.00-20140128, 7.00-20140310, 7.00-20140429, 7.00-20140621, 7.00-20140729, 7.00-20141022, 8.00-20140730, and 8.00-20141023. There is no authorization check when connecting to the device, allowing an attacker remote access.

Affected (18)

Products: Rockwellautomation: Panelview Plus 6 700 1500 Firmware

Rockwellautomation

1 product

Panelview Plus 6 700 1500 Firmware

Configuration A

18 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Rockwellautomation Panelview Plus 6 700 1500 Firmware	Version 6.00-20140306
Rockwellautomation Panelview Plus 6 700 1500 Firmware	Version 6.00.04
Rockwellautomation Panelview Plus 6 700 1500 Firmware	Version 6.00.05
Rockwellautomation Panelview Plus 6 700 1500 Firmware	Version 6.00.42
Rockwellautomation Panelview Plus 6 700 1500 Firmware	Version 6.10-20140122
Rockwellautomation Panelview Plus 6 700 1500 Firmware	Version 6.10.20121012
Rockwellautomation Panelview Plus 6 700 1500 Firmware	Version 7.00-20121012
Rockwellautomation Panelview Plus 6 700 1500 Firmware	Version 7.00-20130108
Rockwellautomation Panelview Plus 6 700 1500 Firmware	Version 7.00-20130325
Rockwellautomation Panelview Plus 6 700 1500 Firmware	Version 7.00-20130619
Rockwellautomation Panelview Plus 6 700 1500 Firmware	Version 7.00-20140128
Rockwellautomation Panelview Plus 6 700 1500 Firmware	Version 7.00-20140310
Rockwellautomation Panelview Plus 6 700 1500 Firmware	Version 7.00-20140429
Rockwellautomation Panelview Plus 6 700 1500 Firmware	Version 7.00-20140621
Rockwellautomation Panelview Plus 6 700 1500 Firmware	Version 7.00-20140729
Rockwellautomation Panelview Plus 6 700 1500 Firmware	Version 7.00-20141022
Rockwellautomation Panelview Plus 6 700 1500 Firmware	Version 8.00-20140730
Rockwellautomation Panelview Plus 6 700 1500 Firmware	Version 8.00-20141023

Running on/with	Platform Versions
Rockwellautomation Panelview Plus 6 700 1500	All versions

Related CWEs

CWE-862

Missing Authorization

The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

CWE-882

References (2)

https://ics-cert.us-cert.gov/advisories/ICSA-17-157-01

Source: ics-cert@hq.dhs.gov

Third Party AdvisoryUS Government Resource

https://ics-cert.us-cert.gov/advisories/ICSA-17-157-01

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryUS Government Resource

Timeline

No history available yet.