CVE-2016-5645

Rockwell Automation MicroLogix 1400 PLC 1766-L32BWA, 1766-L32AWA, 1766-L32BXB, 1766-L32BWAA, 1766-L32AWAA, and 1766-L32BXBA devices have a hardcoded SNMP community, which makes it easier for remote attackers to load arbitrary firmware updates by leveraging knowledge of this community.

high 7.3 CVSS 3.1
Published: Aug 24, 2016
Modified: Jun 3, 2026
Vendor: Rockwellautomation
Product: 1766-L32Awa

Description

Rockwell Automation MicroLogix 1400 PLC 1766-L32BWA, 1766-L32AWA, 1766-L32BXB, 1766-L32BWAA, 1766-L32AWAA, and 1766-L32BXBA devices have a hardcoded SNMP community, which makes it easier for remote attackers to load arbitrary firmware updates by leveraging knowledge of this community.

References

Related CVEs

CVE-2021-33012 high · 8.6
Rockwell Automation MicroLogix 1100, all versions, allows a remote, unauthenticated attacker sending specially crafted commands to cause the PLC to fault when the controller is swi
CVE-2021-32926 high · 7.5
When an authenticated password change request takes place, this vulnerability could allow the attacker to intercept the message that includes the legitimate, new password hash and
CVE-2021-22659 high · 8.6
Rockwell Automation MicroLogix 1400 Version 21.6 and below may allow a remote unauthenticated attacker to send a specially crafted Modbus packet allowing the attacker to retrieve o
CVE-2020-6984 high · 7.5
Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior
CVE-2020-6988 high · 7.5
Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior
CVE-2020-6990 critical · 9.8
Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior