CVE-2020-6980

CVE-2020-6980

Vendor N/A
Product Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior
Weakness CWE-312 · Cleartext storage
Published March 16, 2020
Last update August 4, 2024

CVSS base score

What the vulnerability does

01Description

Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior, If Simple Mail Transfer Protocol (SMTP) account data is saved in RSLogix 500, a local attacker with access to a victim’s project may be able to gather SMTP server authentication data as it is written to the project file in cleartext.

Key dates

02Disclosure timeline

March 16, 2020 CVE published
August 4, 2024 Record updated