Vulnerabilities > CVE-2019-10970 - Unspecified vulnerability in Rockwellautomation Panelview 5510 Firmware

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

rockwellautomation

critical

NVD

Published: 2019-07-11

Updated: 2020-10-01

Summary

In Rockwell Automation PanelView 5510 (all versions manufactured before March 13, 2019 that have never been updated to v4.003, v5.002, or later), a remote, unauthenticated threat actor with access to an affected PanelView 5510 Graphic Display, upon successful exploit, may boot-up the terminal and gain root-level access to the device’s file system.

Vulnerable Configurations

Part	Description	Count
OS	Rockwellautomation Rockwellautomation Panelview 5510 Firmware *	1
Hardware	Rockwellautomation Rockwellautomation Panelview 5510 -	1

References

https://www.us-cert.gov/ics/advisories/icsa-19-190-02
http://www.securityfocus.com/bid/109105