CyberSec.Space Logo
Back to CVE Browser

CVE-2016-5645

HIGH
7.3
CVSS Severity Score
EPSS Score0.0380%
EPSS Percentile7.63th
PublishedAug 24, 2016
Last ModifiedJun 3, 2026

Vulnerability Description

Rockwell Automation MicroLogix 1400 PLC 1766-L32BWA, 1766-L32AWA, 1766-L32BXB, 1766-L32BWAA, 1766-L32AWAA, and 1766-L32BXBA devices have a hardcoded SNMP community, which makes it easier for remote attackers to load arbitrary firmware updates by leveraging knowledge of this community.

Affected Platforms (CPE)

πŸ”Œ
Rockwellautomation

1766 L32awa

All versions
πŸ”Œ
Rockwellautomation

1766 L32awaa

All versions
πŸ”Œ
Rockwellautomation

1766 L32bwa

All versions
πŸ”Œ
Rockwellautomation

1766 L32bwaa

All versions
πŸ”Œ
Rockwellautomation

1766 L32bxb

All versions
πŸ”Œ
Rockwellautomation

1766 L32bxba

All versions

References & Advisories

πŸ”— http://www.securityfocus.com/bid/92428
πŸ”— https://ics-cert.us-cert.gov/advisories/ICSA-16-224-01
πŸ”— http://www.securityfocus.com/bid/92428
πŸ”— https://ics-cert.us-cert.gov/advisories/ICSA-16-224-01

Related Vulnerabilities

CVE-2017-78999.8

An Information Exposure issue was discovered in Rockwell Automation Allen-Bradley MicroLogix 1100 programmable-logic controllers 1...

CVE-2017-79029.8

A "Reusing a Nonce, Key Pair in Encryption" issue was discovered in Rockwell Automation Allen-Bradley MicroLogix 1100 programmable...

CVE-2017-78989.8

An Improper Restriction of Excessive Authentication Attempts issue was discovered in Rockwell Automation Allen-Bradley MicroLogix ...

CVE-2017-79039.8

A Weak Password Requirements issue was discovered in Rockwell Automation Allen-Bradley MicroLogix 1100 programmable-logic controll...