CVE-2020-6984

Published: Mar 16, 2020Modified: Jun 3, 2026

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior, The cryptographic function utilized to protect the password in MicroLogix is discoverable.

Affected (4)

Products: Rockwellautomation: Micrologix 1400 A Firmware, Micrologix 1400 B Firmware, Micrologix 1100 Firmware, Rslogix 500

Rockwellautomation

4 products

Micrologix 1400 A Firmware

Micrologix 1400 B Firmware

Micrologix 1100 Firmware

Configuration A

2 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Rockwellautomation Micrologix 1400 A Firmware	All versions
Rockwellautomation Micrologix 1400 B Firmware	Up to 21.001

Running on/with	Platform Versions
Rockwellautomation Micrologix 1400	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Rockwellautomation Micrologix 1100 Firmware	All versions

Running on/with	Platform Versions
Rockwellautomation Micrologix 1100	All versions

Configuration C

1 vulnerable

Vulnerable Software	Affected Versions
Rockwellautomation Rslogix 500	Up to 12.001

Related CWEs

Use of a Broken or Risky Cryptographic Algorithm

The product uses a broken or risky cryptographic algorithm or protocol.

References (2)

https://www.us-cert.gov/ics/advisories/icsa-20-070-06

Source: ics-cert@hq.dhs.gov

Third Party AdvisoryUS Government Resource

https://www.us-cert.gov/ics/advisories/icsa-20-070-06

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryUS Government Resource

Timeline

No history available yet.