Vulnerabilities > Rockwellautomation > 1756 Eweb Series A Firmware > High

DATE CVE VULNERABILITY TITLE RISK
2018-12-07 CVE-2018-17924 Missing Authentication for Critical Function vulnerability in Rockwellautomation products
Rockwell Automation MicroLogix 1400 Controllers and 1756 ControlLogix Communications Modules An unauthenticated, remote threat actor could send a CIP connection request to an affected device, and upon successful connection, send a new IP configuration to the affected device even if the controller in the system is set to Hard RUN mode.
network
low complexity
rockwellautomation CWE-306
7.8