CVE-2020-6988EPSS p88.9%

CVE-2020-6988CVE-2020-6988

rockwellautomation / micrologix_1400_a_firmware

Description

Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior, A remote, unauthenticated attacker can send a request from the RSLogix 500 software to the victim’s MicroLogix controller. The controller will then respond to the client with used password values to authenticate the user on the client-side. This method of authentication may allow an attacker to bypass authentication altogether, disclose sensitive information, or leak credentials.

Scoring

CVSS 7.5 ()
VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS3.89% probability of exploitation · percentile 88.9% · 2026-06-19T12:03:05Z
Last modified2026-06-03

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2020-6984
CVE
CVE-2020-6990
CVE
CVE-2019-10955
CVE
Rockwell Multiple Products Insufficient Protected Credentials Vulnerability
CVE
CVE-2021-32926
CVE
CVE-2021-33012
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.