Unrated severityNVD Advisory· Published Apr 25, 2019· Updated Aug 4, 2024

CVE-2019-10955

Description

In Rockwell Automation MicroLogix 1400 Controllers Series A, All Versions Series B, v15.002 and earlier, MicroLogix 1100 Controllers v14.00 and earlier, CompactLogix 5370 L1 controllers v30.014 and earlier, CompactLogix 5370 L2 controllers v30.014 and earlier, CompactLogix 5370 L3 controllers (includes CompactLogix GuardLogix controllers) v30.014 and earlier, an open redirect vulnerability could allow a remote unauthenticated attacker to input a malicious link to redirect users to a malicious site that could run or download arbitrary malware on the user’s machine.

Affected products

Rockwellautomation/Compactlogix Controllerscpe-rescue3 versions
v30.014 and earlier+ 2 more
- (no CPE)range: v30.014 and earlier
- (no CPE)range: v30.014 and earlier
- (no CPE)range: v30.014 and earlier
Rockwellautomation/Ab Micrologix Controller 1100cpe-rescue
Range: v14.00 and earlier
Rockwellautomation/Ab Micrologix Controller 1400cpe-rescue
Range: Series A

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

ics-cert.us-cert.gov/advisories/ICSA-19-113-01mitrex_refsource_MISC
www.securityfocus.com/bid/108049mitrevdb-entryx_refsource_BID

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.002
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000