CVSS: 8.6EPSS: 0%CPEs: 32EXPL: 1CVE-2018-17924
https://notcve.org/view.php?id=CVE-2018-17924
07 Dec 2018 — Rockwell Automation MicroLogix 1400 Controllers and 1756 ControlLogix Communications Modules An unauthenticated, remote threat actor could send a CIP connection request to an affected device, and upon successful connection, send a new IP configuration to the affected device even if the controller in the system is set to Hard RUN mode. When the affected device accepts this new IP configuration, a loss of communication occurs between the device and the rest of the system as the system traffic is still attempt... • https://github.com/g0dd0ghd/CVE-2018-17924-PoC • CWE-306: Missing Authentication for Critical Function •
CVSS: 10.0EPSS: 93%CPEs: 4EXPL: 0CVE-2010-2965
https://notcve.org/view.php?id=CVE-2010-2965
04 Aug 2010 — The WDB target agent debug service in Wind River VxWorks 6.x, 5.x, and earlier, as used on the Rockwell Automation 1756-ENBT series A with firmware 3.2.6 and 3.6.1 and other products, allows remote attackers to read or modify arbitrary memory locations, perform function calls, or manage tasks via requests to UDP port 17185, a related issue to CVE-2005-3804. El servicio WDB target agent debug en Wind River VxWorks v6.x, v5.x, y anteriores, como los usados en el Rockwell Automation 1756-ENBT serie A con firmw... • http://blog.metasploit.com/2010/08/vxworks-vulnerabilities.html • CWE-863: Incorrect Authorization •