Vulnerabilities > Rockwellautomation > 1756 Eweb Series A Firmware > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-12-07 | CVE-2018-17924 | Missing Authentication for Critical Function vulnerability in Rockwellautomation products Rockwell Automation MicroLogix 1400 Controllers and 1756 ControlLogix Communications Modules An unauthenticated, remote threat actor could send a CIP connection request to an affected device, and upon successful connection, send a new IP configuration to the affected device even if the controller in the system is set to Hard RUN mode. | 7.8 |