CVE-2014-0755 - Vulnerability Details - OpenCVE

ReportizFlow

Rockwell Automation RSLogix 5000 7 through 20.01, and 21.0, does not properly implement password protection for .ACD files (aka project files), which allows local users to obtain sensitive information or modify data via unspecified vectors.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact None

AV:L/AC:M/Au:N/C:C/I:C/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Rockwellautomation	Logix 5000 Controller Rslogix 5000 Design And Configuration Software

Configuration 1 [-]

AND

OR	cpe:2.3:a:rockwellautomation:rslogix_5000_design_and_configuration_software:7.0:::::::*
	cpe:2.3:a:rockwellautomation:rslogix_5000_design_and_configuration_software:18.0:::::::*
	cpe:2.3:a:rockwellautomation:rslogix_5000_design_and_configuration_software:20.01:::::::*
	cpe:2.3:a:rockwellautomation:rslogix_5000_design_and_configuration_software:21.0:::::::*

cpe:2.3:h:rockwellautomation:logix_5000_controller:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://ics-cert.us-cert.gov/advisories/ICSA-14-021-01
http://osvdb.org/102858
http://www.securityfocus.com/bid/65337
https://exchange.xforce.ibmcloud.com/vulnerabilities/90981
https://rockwellautomation.custhelp.com/app/answers/detail/a_id/565204
https://www.cisa.gov/news-events/ics-advisories/icsa-14-021-01

History

Fri, 19 Sep 2025 19:00:00 +0000

Type	Values Removed	Values Added
Title		Rockwell RSLogix 5000 Insufficiently Protected Credentials
Weaknesses		CWE-522
References		https://rockwellautomation.custhelp.com/app/answers/detail/a_id/565204 https://www.cisa.gov/news-events/ics-advisories/icsa-14-021-01
Metrics	cvssV2_0 `{'score': 6.9, 'vector': 'AV:L/AC:M/Au:N/C:C/I:C/A:C'}`	cvssV2_0 `{'score': 6.3, 'vector': 'AV:L/AC:M/Au:N/C:C/I:C/A:N'}`

MITRE

Status: PUBLISHED

Assigner: icscert

Published: 2014-02-05T02:00:00

Updated: 2025-09-19T18:46:05.180Z

Reserved: 2014-01-02T00:00:00

Link: CVE-2014-0755

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2014-02-05T05:15:29.930

Modified: 2025-09-19T19:15:35.777

Link: CVE-2014-0755

Redhat

No data.

{"containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "RSLogix 5000 software", "vendor": "Rockwell Automation", "versions": [{"lessThanOrEqual": "V20.01", "status": "affected", "version": "V7", "versionType": "custom"}, {"lessThanOrEqual": "V21.0", "status": "affected", "version": "V7", "versionType": "custom"}, {"status": "unaffected", "version": "V20.03"}, {"status": "unaffected", "version": "V21.03"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Stephen Dunlap"}], "datePublic": "2014-02-04T07:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>Rockwell Automation RSLogix 5000 7 through 20.01, and 21.0, does not properly implement password protection for .ACD files (aka project files), which allows local users to obtain sensitive information or modify data via unspecified vectors.</p>"}], "value": "Rockwell Automation RSLogix 5000 7 through 20.01, and 21.0, does not properly implement password protection for .ACD files (aka project files), which allows local users to obtain sensitive information or modify data via unspecified vectors."}], "metrics": [{"cvssV2_0": {"accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 6.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:N", "version": "2.0"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-522", "description": "CWE-522", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert", "dateUpdated": "2025-09-19T18:46:05.180Z"}, "references": [{"name": "rslogix-cve20140755-info-disc(90981)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90981"}, {"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-14-021-01"}, {"name": "102858", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/102858"}, {"name": "65337", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/65337"}, {"url": "https://rockwellautomation.custhelp.com/app/answers/detail/a_id/565204"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>According to Rockwell Automation, new RSLogix 5000 versions, V20.03 \nand V21.03, have been released that address this vulnerability. These \nreleases include mitigations that enhance password protection.</p>\n<p>Project files created in earlier affected RSLogix 5000 versions of \nsoftware must be opened, resaved, and then downloaded to the appropriate\n controller to mitigate the risk associated with this discovered \nvulnerability.</p>\n<p>IMPORTANT: Files with protected content that have been opened and \nupdate using enhanced software will no longer be compatible with earlier\n versions of RSLogix 5000 software. For example, a V20.01 project file \nwith protected content that has been opened and resaved using V20.03 \nsoftware can only be opened with V20.03 and higher versions of software.\n Also, a V21.00 project file with protected content that has been opened\n and resaved using V21.03 software can only be opened with V21.03 and \nhigher versions of software.</p><p>For the procedure to update project files, please refer to Rockwell Automation Knowledgebase AID:565204 available here: <a target=\"_blank\" rel=\"nofollow\" href=\"https://rockwellautomation.custhelp.com/app/answers/detail/a_id/565204\">https://rockwellautomation.custhelp.com/app/answers/detail/a_id/565204</a> .</p>\n<p>In addition to using current RSLogix 5000 software, Rockwell \nAutomation also recommends the following actions to all concerned \ncustomers:</p>\n<ul>\n<li>Where possible, adopt a practice to track creation and distribution \nof protected ACD files, including duplicates and derivatives that \ncontain protected content in the event that these files may need to be \nfound or potentially disposed of in the future.</li>\n<li>Where possible, securely archive protected ACD files or those that \ncontain protected content in a manner that prevents unauthorized access.\n For instance, store protected ACD files in physical and logical \nlocations where access can be controlled and the files are stored in a \nprotected, potentially encrypted manner.</li>\n<li>Where possible, securely transmit protected ACD files or those that \ncontain protected content in a manner that prevents unauthorized access.\n For instance, email protected ACD files only to known recipients and \nencrypted the files such that only the target recipient can decrypt the \ncontent.</li>\n<li>Where possible, restrict physical and network access to controllers \ncontaining protected content only to authorized parties in order to help\n prevent unauthorized uploading of protected material into an ACD file. \nFor some customers, FactoryTalk Security software may be a suitable \noption to assist customers with applying a Role-based Access Control \n(RBAC) solution to their system. FactoryTalk Security was integrated \ninto RSLogix 5000 Version 10.00.</li>\n<li>Where possible, use a unique and complex password for each routine \nor Add-On Instruction desirable to protect, so as to reduce the risk \nthat multiple files and protected content could be compromised, should a\n single password become learned.</li>\n<li>Where possible, adopt a password management practice to periodically\n change passwords applied to routines and Add-On Instructions to help \nmitigate the risk that a learned password may remain usable for an \nextended period of time or indefinitely.</li>\n</ul>\n<p>Rockwell Automation encourages their customers to subscribe to \nRockwell Automation\u2019s Security Advisory Index (AID:54102)Rockwell \nAutomation Knowledgebase AID:54102, \n<a target=\"_blank\" rel=\"nofollow\" href=\"https://rockwellautomation.custhelp.com/app/answers/detail/a_id/54102\">https://rockwellautomation.custhelp.com/app/answers/detail/a_id/54102</a>, \nWeb site last accessed February 04, 2014. for new and relevant \ninformation relating to this and other security-related matters.</p>\n<p>For more information and for assistance with assessing the state of \nsecurity of your existing control system, including improving your \nsystem-level security when using Rockwell Automation and other vendor \ncontrols products, you can visit the Rockwell Automation Security \nSolutions Web site at \n<a target=\"_blank\" rel=\"nofollow\" href=\"http://www.rockwellautomation.com/solutions/security\">http://www.rockwellautomation.com/solutions/security</a>.</p>\n\n<br>"}], "value": "According to Rockwell Automation, new RSLogix 5000 versions, V20.03 \nand V21.03, have been released that address this vulnerability. These \nreleases include mitigations that enhance password protection.\n\n\nProject files created in earlier affected RSLogix 5000 versions of \nsoftware must be opened, resaved, and then downloaded to the appropriate\n controller to mitigate the risk associated with this discovered \nvulnerability.\n\n\nIMPORTANT: Files with protected content that have been opened and \nupdate using enhanced software will no longer be compatible with earlier\n versions of RSLogix 5000 software. For example, a V20.01 project file \nwith protected content that has been opened and resaved using V20.03 \nsoftware can only be opened with V20.03 and higher versions of software.\n Also, a V21.00 project file with protected content that has been opened\n and resaved using V21.03 software can only be opened with V21.03 and \nhigher versions of software.\n\nFor the procedure to update project files, please refer to Rockwell Automation Knowledgebase AID:565204 available here:\u00a0 https://rockwellautomation.custhelp.com/app/answers/detail/a_id/565204 \u00a0.\n\n\nIn addition to using current RSLogix 5000 software, Rockwell \nAutomation also recommends the following actions to all concerned \ncustomers:\n\n\n\n * Where possible, adopt a practice to track creation and distribution \nof protected ACD files, including duplicates and derivatives that \ncontain protected content in the event that these files may need to be \nfound or potentially disposed of in the future.\n\n * Where possible, securely archive protected ACD files or those that \ncontain protected content in a manner that prevents unauthorized access.\n For instance, store protected ACD files in physical and logical \nlocations where access can be controlled and the files are stored in a \nprotected, potentially encrypted manner.\n\n * Where possible, securely transmit protected ACD files or those that \ncontain protected content in a manner that prevents unauthorized access.\n For instance, email protected ACD files only to known recipients and \nencrypted the files such that only the target recipient can decrypt the \ncontent.\n\n * Where possible, restrict physical and network access to controllers \ncontaining protected content only to authorized parties in order to help\n prevent unauthorized uploading of protected material into an ACD file. \nFor some customers, FactoryTalk Security software may be a suitable \noption to assist customers with applying a Role-based Access Control \n(RBAC) solution to their system. FactoryTalk Security was integrated \ninto RSLogix 5000 Version 10.00.\n\n * Where possible, use a unique and complex password for each routine \nor Add-On Instruction desirable to protect, so as to reduce the risk \nthat multiple files and protected content could be compromised, should a\n single password become learned.\n\n * Where possible, adopt a password management practice to periodically\n change passwords applied to routines and Add-On Instructions to help \nmitigate the risk that a learned password may remain usable for an \nextended period of time or indefinitely.\n\n\n\n\nRockwell Automation encourages their customers to subscribe to \nRockwell Automation\u2019s Security Advisory Index (AID:54102)Rockwell \nAutomation Knowledgebase AID:54102, \n https://rockwellautomation.custhelp.com/app/answers/detail/a_id/54102 , \nWeb site last accessed February 04, 2014. for new and relevant \ninformation relating to this and other security-related matters.\n\n\nFor more information and for assistance with assessing the state of \nsecurity of your existing control system, including improving your \nsystem-level security when using Rockwell Automation and other vendor \ncontrols products, you can visit the Rockwell Automation Security \nSolutions Web site at \n http://www.rockwellautomation.com/solutions/security ."}], "source": {"advisory": "ICSA-14-021-01", "discovery": "EXTERNAL"}, "title": "Rockwell RSLogix 5000 Insufficiently Protected Credentials", "x_generator": {"engine": "Vulnogram 0.2.0"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "[email protected]", "ID": "CVE-2014-0755", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Rockwell Automation RSLogix 5000 7 through 20.01, and 21.0, does not properly implement password protection for .ACD files (aka project files), which allows local users to obtain sensitive information or modify data via unspecified vectors."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "rslogix-cve20140755-info-disc(90981)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90981"}, {"name": "http://ics-cert.us-cert.gov/advisories/ICSA-14-021-01", "refsource": "MISC", "url": "http://ics-cert.us-cert.gov/advisories/ICSA-14-021-01"}, {"name": "102858", "refsource": "OSVDB", "url": "http://osvdb.org/102858"}, {"name": "65337", "refsource": "BID", "url": "http://www.securityfocus.com/bid/65337"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T09:27:19.509Z"}, "title": "CVE Program Container", "references": [{"name": "rslogix-cve20140755-info-disc(90981)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90981"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://ics-cert.us-cert.gov/advisories/ICSA-14-021-01"}, {"name": "102858", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/102858"}, {"name": "65337", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/65337"}]}]}, "cveMetadata": {"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "assignerShortName": "icscert", "cveId": "CVE-2014-0755", "datePublished": "2014-02-05T02:00:00", "dateReserved": "2014-01-02T00:00:00", "dateUpdated": "2025-09-19T18:46:05.180Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:rockwellautomation:rslogix_5000_design_and_configuration_software:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "B25AFECC-3BDB-4F8D-AC6E-D3432DE86966", "vulnerable": true}, {"criteria": "cpe:2.3:a:rockwellautomation:rslogix_5000_design_and_configuration_software:18.0:*:*:*:*:*:*:*", "matchCriteriaId": "038A8096-81C1-4C1D-B042-48869FE23285", "vulnerable": true}, {"criteria": "cpe:2.3:a:rockwellautomation:rslogix_5000_design_and_configuration_software:20.01:*:*:*:*:*:*:*", "matchCriteriaId": "BB4DEEC1-BDFF-48F6-A4A9-E971106DA8F5", "vulnerable": true}, {"criteria": "cpe:2.3:a:rockwellautomation:rslogix_5000_design_and_configuration_software:21.0:*:*:*:*:*:*:*", "matchCriteriaId": "5C298300-3C38-4899-9424-C2CB1C37ABA5", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:rockwellautomation:logix_5000_controller:-:*:*:*:*:*:*:*", "matchCriteriaId": "C588EA2D-A90A-4B68-98F9-9C0072BFA473", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Rockwell Automation RSLogix 5000 7 through 20.01, and 21.0, does not properly implement password protection for .ACD files (aka project files), which allows local users to obtain sensitive information or modify data via unspecified vectors."}, {"lang": "es", "value": "Rockwell Automation RSLogix 5000 7 hasta 20.01 y 21.0, no implementa debidamente la protecci\u00f3n por contrase\u00f1a de archivos .ACD (tambi\u00e9n conocidos como archivos de proyecto), lo cual permite a usuarios locales obtener informaci\u00f3n sensible o modificar datos a trav\u00e9s de vectores no especificados."}], "id": "CVE-2014-0755", "lastModified": "2025-09-19T19:15:35.777", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 6.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:N", "version": "2.0"}, "exploitabilityScore": 3.4, "impactScore": 9.2, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "[email protected]", "type": "Secondary", "userInteractionRequired": false}, {"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 6.9, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.4, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "[email protected]", "type": "Primary", "userInteractionRequired": false}]}, "published": "2014-02-05T05:15:29.930", "references": [{"source": "[email protected]", "url": "http://osvdb.org/102858"}, {"source": "[email protected]", "url": "http://www.securityfocus.com/bid/65337"}, {"source": "[email protected]", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90981"}, {"source": "[email protected]", "url": "https://rockwellautomation.custhelp.com/app/answers/detail/a_id/565204"}, {"source": "[email protected]", "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-14-021-01"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["US Government Resource"], "url": "http://ics-cert.us-cert.gov/advisories/ICSA-14-021-01"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/102858"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/65337"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90981"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-522"}], "source": "[email protected]", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-255"}], "source": "[email protected]", "type": "Secondary"}]}