Vulnerabilities > CVE-2023-1834 - Unspecified vulnerability in Rockwellautomation Kinetix 5500 Firmware 7.13

CVSS 9.1 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

rockwellautomation

critical

NVD

Published: 2023-05-11

Updated: 2023-05-22

Summary

Rockwell Automation was made aware that Kinetix 5500 drives, manufactured between May 2022 and January 2023, and are running v7.13 may have the telnet and FTP ports open by default. This could potentially allow attackers unauthorized access to the device through the open ports.

Vulnerable Configurations

Part	Description	Count
OS	Rockwellautomation Rockwellautomation Kinetix 5500 Firmware 7.13	1
Hardware	Rockwellautomation Rockwellautomation Kinetix 5500 -	1

References

https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1139441
https://www.cisa.gov/news-events/ics-advisories/icsa-23-131-09