{"containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "RSLogix 5000 software", "vendor": "Rockwell Automation", "versions": [{"lessThanOrEqual": "V20.01", "status": "affected", "version": "V7", "versionType": "custom"}, {"lessThanOrEqual": "V21.0", "status": "affected", "version": "V7", "versionType": "custom"}, {"status": "unaffected", "version": "V20.03"}, {"status": "unaffected", "version": "V21.03"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Stephen Dunlap"}], "datePublic": "2014-02-04T07:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>Rockwell Automation RSLogix 5000 7 through 20.01, and 21.0, does not properly implement password protection for .ACD files (aka project files), which allows local users to obtain sensitive information or modify data via unspecified vectors.</p>"}], "value": "Rockwell Automation RSLogix 5000 7 through 20.01, and 21.0, does not properly implement password protection for .ACD files (aka project files), which allows local users to obtain sensitive information or modify data via unspecified vectors."}], "metrics": [{"cvssV2_0": {"accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 6.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:N", "version": "2.0"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-522", "description": "CWE-522", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert", "dateUpdated": "2025-09-19T18:46:05.180Z"}, "references": [{"name": "rslogix-cve20140755-info-disc(90981)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90981"}, {"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-14-021-01"}, {"name": "102858", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/102858"}, {"name": "65337", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/65337"}, {"url": "https://rockwellautomation.custhelp.com/app/answers/detail/a_id/565204"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>According to Rockwell Automation, new RSLogix 5000 versions, V20.03 \nand V21.03, have been released that address this vulnerability. These \nreleases include mitigations that enhance password protection.</p>\n<p>Project files created in earlier affected RSLogix 5000 versions of \nsoftware must be opened, resaved, and then downloaded to the appropriate\n controller to mitigate the risk associated with this discovered \nvulnerability.</p>\n<p>IMPORTANT: Files with protected content that have been opened and \nupdate using enhanced software will no longer be compatible with earlier\n versions of RSLogix 5000 software. For example, a V20.01 project file \nwith protected content that has been opened and resaved using V20.03 \nsoftware can only be opened with V20.03 and higher versions of software.\n Also, a V21.00 project file with protected content that has been opened\n and resaved using V21.03 software can only be opened with V21.03 and \nhigher versions of software.</p><p>For the procedure to update project files, please refer to Rockwell Automation Knowledgebase AID:565204 available here:&nbsp;<a target=\"_blank\" rel=\"nofollow\" href=\"https://rockwellautomation.custhelp.com/app/answers/detail/a_id/565204\">https://rockwellautomation.custhelp.com/app/answers/detail/a_id/565204</a>&nbsp;.</p>\n<p>In addition to using current RSLogix 5000 software, Rockwell \nAutomation also recommends the following actions to all concerned \ncustomers:</p>\n<ul>\n<li>Where possible, adopt a practice to track creation and distribution \nof protected ACD files, including duplicates and derivatives that \ncontain protected content in the event that these files may need to be \nfound or potentially disposed of in the future.</li>\n<li>Where possible, securely archive protected ACD files or those that \ncontain protected content in a manner that prevents unauthorized access.\n For instance, store protected ACD files in physical and logical \nlocations where access can be controlled and the files are stored in a \nprotected, potentially encrypted manner.</li>\n<li>Where possible, securely transmit protected ACD files or those that \ncontain protected content in a manner that prevents unauthorized access.\n For instance, email protected ACD files only to known recipients and \nencrypted the files such that only the target recipient can decrypt the \ncontent.</li>\n<li>Where possible, restrict physical and network access to controllers \ncontaining protected content only to authorized parties in order to help\n prevent unauthorized uploading of protected material into an ACD file. \nFor some customers, FactoryTalk Security software may be a suitable \noption to assist customers with applying a Role-based Access Control \n(RBAC) solution to their system. FactoryTalk Security was integrated \ninto RSLogix 5000 Version 10.00.</li>\n<li>Where possible, use a unique and complex password for each routine \nor Add-On Instruction desirable to protect, so as to reduce the risk \nthat multiple files and protected content could be compromised, should a\n single password become learned.</li>\n<li>Where possible, adopt a password management practice to periodically\n change passwords applied to routines and Add-On Instructions to help \nmitigate the risk that a learned password may remain usable for an \nextended period of time or indefinitely.</li>\n</ul>\n<p>Rockwell Automation encourages their customers to subscribe to \nRockwell Automation\u2019s Security Advisory Index (AID:54102)Rockwell \nAutomation Knowledgebase AID:54102, \n<a target=\"_blank\" rel=\"nofollow\" href=\"https://rockwellautomation.custhelp.com/app/answers/detail/a_id/54102\">https://rockwellautomation.custhelp.com/app/answers/detail/a_id/54102</a>, \nWeb site last accessed February 04, 2014. for new and relevant \ninformation relating to this and other security-related matters.</p>\n<p>For more information and for assistance with assessing the state of \nsecurity of your existing control system, including improving your \nsystem-level security when using Rockwell Automation and other vendor \ncontrols products, you can visit the Rockwell Automation Security \nSolutions Web site at \n<a target=\"_blank\" rel=\"nofollow\" href=\"http://www.rockwellautomation.com/solutions/security\">http://www.rockwellautomation.com/solutions/security</a>.</p>\n\n<br>"}], "value": "According to Rockwell Automation, new RSLogix 5000 versions, V20.03 \nand V21.03, have been released that address this vulnerability. These \nreleases include mitigations that enhance password protection.\n\n\nProject files created in earlier affected RSLogix 5000 versions of \nsoftware must be opened, resaved, and then downloaded to the appropriate\n controller to mitigate the risk associated with this discovered \nvulnerability.\n\n\nIMPORTANT: Files with protected content that have been opened and \nupdate using enhanced software will no longer be compatible with earlier\n versions of RSLogix 5000 software. For example, a V20.01 project file \nwith protected content that has been opened and resaved using V20.03 \nsoftware can only be opened with V20.03 and higher versions of software.\n Also, a V21.00 project file with protected content that has been opened\n and resaved using V21.03 software can only be opened with V21.03 and \nhigher versions of software.\n\nFor the procedure to update project files, please refer to Rockwell Automation Knowledgebase AID:565204 available here:\u00a0 https://rockwellautomation.custhelp.com/app/answers/detail/a_id/565204 \u00a0.\n\n\nIn addition to using current RSLogix 5000 software, Rockwell \nAutomation also recommends the following actions to all concerned \ncustomers:\n\n\n\n * Where possible, adopt a practice to track creation and distribution \nof protected ACD files, including duplicates and derivatives that \ncontain protected content in the event that these files may need to be \nfound or potentially disposed of in the future.\n\n * Where possible, securely archive protected ACD files or those that \ncontain protected content in a manner that prevents unauthorized access.\n For instance, store protected ACD files in physical and logical \nlocations where access can be controlled and the files are stored in a \nprotected, potentially encrypted manner.\n\n * Where possible, securely transmit protected ACD files or those that \ncontain protected content in a manner that prevents unauthorized access.\n For instance, email protected ACD files only to known recipients and \nencrypted the files such that only the target recipient can decrypt the \ncontent.\n\n * Where possible, restrict physical and network access to controllers \ncontaining protected content only to authorized parties in order to help\n prevent unauthorized uploading of protected material into an ACD file. \nFor some customers, FactoryTalk Security software may be a suitable \noption to assist customers with applying a Role-based Access Control \n(RBAC) solution to their system. FactoryTalk Security was integrated \ninto RSLogix 5000 Version 10.00.\n\n * Where possible, use a unique and complex password for each routine \nor Add-On Instruction desirable to protect, so as to reduce the risk \nthat multiple files and protected content could be compromised, should a\n single password become learned.\n\n * Where possible, adopt a password management practice to periodically\n change passwords applied to routines and Add-On Instructions to help \nmitigate the risk that a learned password may remain usable for an \nextended period of time or indefinitely.\n\n\n\n\nRockwell Automation encourages their customers to subscribe to \nRockwell Automation\u2019s Security Advisory Index (AID:54102)Rockwell \nAutomation Knowledgebase AID:54102, \n https://rockwellautomation.custhelp.com/app/answers/detail/a_id/54102 , \nWeb site last accessed February 04, 2014. for new and relevant \ninformation relating to this and other security-related matters.\n\n\nFor more information and for assistance with assessing the state of \nsecurity of your existing control system, including improving your \nsystem-level security when using Rockwell Automation and other vendor \ncontrols products, you can visit the Rockwell Automation Security \nSolutions Web site at \n http://www.rockwellautomation.com/solutions/security ."}], "source": {"advisory": "ICSA-14-021-01", "discovery": "EXTERNAL"}, "title": "Rockwell RSLogix 5000 Insufficiently Protected Credentials", "x_generator": {"engine": "Vulnogram 0.2.0"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "ics-cert@hq.dhs.gov", "ID": "CVE-2014-0755", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Rockwell Automation RSLogix 5000 7 through 20.01, and 21.0, does not properly implement password protection for .ACD files (aka project files), which allows local users to obtain sensitive information or modify data via unspecified vectors."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "rslogix-cve20140755-info-disc(90981)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90981"}, {"name": "http://ics-cert.us-cert.gov/advisories/ICSA-14-021-01", "refsource": "MISC", "url": "http://ics-cert.us-cert.gov/advisories/ICSA-14-021-01"}, {"name": "102858", "refsource": "OSVDB", "url": "http://osvdb.org/102858"}, {"name": "65337", "refsource": "BID", "url": "http://www.securityfocus.com/bid/65337"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T09:27:19.509Z"}, "title": "CVE Program Container", "references": [{"name": "rslogix-cve20140755-info-disc(90981)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90981"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://ics-cert.us-cert.gov/advisories/ICSA-14-021-01"}, {"name": "102858", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/102858"}, {"name": "65337", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/65337"}]}]}, "cveMetadata": {"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "assignerShortName": "icscert", "cveId": "CVE-2014-0755", "datePublished": "2014-02-05T02:00:00", "dateReserved": "2014-01-02T00:00:00", "dateUpdated": "2025-09-19T18:46:05.180Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:rockwellautomation:rslogix_5000_design_and_configuration_software:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "B25AFECC-3BDB-4F8D-AC6E-D3432DE86966", "vulnerable": true}, {"criteria": "cpe:2.3:a:rockwellautomation:rslogix_5000_design_and_configuration_software:18.0:*:*:*:*:*:*:*", "matchCriteriaId": "038A8096-81C1-4C1D-B042-48869FE23285", "vulnerable": true}, {"criteria": "cpe:2.3:a:rockwellautomation:rslogix_5000_design_and_configuration_software:20.01:*:*:*:*:*:*:*", "matchCriteriaId": "BB4DEEC1-BDFF-48F6-A4A9-E971106DA8F5", "vulnerable": true}, {"criteria": "cpe:2.3:a:rockwellautomation:rslogix_5000_design_and_configuration_software:21.0:*:*:*:*:*:*:*", "matchCriteriaId": "5C298300-3C38-4899-9424-C2CB1C37ABA5", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:rockwellautomation:logix_5000_controller:-:*:*:*:*:*:*:*", "matchCriteriaId": "C588EA2D-A90A-4B68-98F9-9C0072BFA473", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Rockwell Automation RSLogix 5000 7 through 20.01, and 21.0, does not properly implement password protection for .ACD files (aka project files), which allows local users to obtain sensitive information or modify data via unspecified vectors."}, {"lang": "es", "value": "Rockwell Automation RSLogix 5000 7 hasta 20.01 y 21.0, no implementa debidamente la protecci\u00f3n por contrase\u00f1a de archivos .ACD (tambi\u00e9n conocidos como archivos de proyecto), lo cual permite a usuarios locales obtener informaci\u00f3n sensible o modificar datos a trav\u00e9s de vectores no especificados."}], "id": "CVE-2014-0755", "lastModified": "2025-09-19T19:15:35.777", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 6.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:N", "version": "2.0"}, "exploitabilityScore": 3.4, "impactScore": 9.2, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "ics-cert@hq.dhs.gov", "type": "Secondary", "userInteractionRequired": false}, {"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 6.9, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.4, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2014-02-05T05:15:29.930", "references": [{"source": "ics-cert@hq.dhs.gov", "url": "http://osvdb.org/102858"}, {"source": "ics-cert@hq.dhs.gov", "url": "http://www.securityfocus.com/bid/65337"}, {"source": "ics-cert@hq.dhs.gov", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90981"}, {"source": "ics-cert@hq.dhs.gov", "url": "https://rockwellautomation.custhelp.com/app/answers/detail/a_id/565204"}, {"source": "ics-cert@hq.dhs.gov", "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-14-021-01"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["US Government Resource"], "url": "http://ics-cert.us-cert.gov/advisories/ICSA-14-021-01"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/102858"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/65337"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90981"}], "sourceIdentifier": "ics-cert@hq.dhs.gov", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-522"}], "source": "ics-cert@hq.dhs.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-255"}], "source": "nvd@nist.gov", "type": "Secondary"}]}

{}

{}