CVE-2023-1834

Rockwell Automation Kinetix 5500 Vulnerable to Open Port Exploitation

CVSS 9.4 CRITICALEPSS 1.3%CWE-284

Vexday Risk Score

28Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS 9.4EPSS 1.3%KEV nãoPoC —Patch —

Lifecycle

11 May 2023Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

Rockwell Automation was made aware that Kinetix 5500 drives, manufactured between May 2022 and January 2023, and are running v7.13 may have the telnet and FTP ports open by default. This could potentially allow attackers unauthorized access to the device through the open ports.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H

Affected products

Rockwell Automation · Kinetix 5500 EtherNet/IP Servo Drive

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1139441