cvedb.io
CVE-2021-32926
HIGH · CVSS 7.5
EPSS exploitation probability: 0%
Published 2021-06-03T13:15:07.340 · Last modified 2026-06-17T03:53:48.740

Summary

When an authenticated password change request takes place, this vulnerability could allow the attacker to intercept the message that includes the legitimate, new password hash and replace it with an illegitimate hash. The user would no longer be able to authenticate to the controller (Micro800: All versions, MicroLogix 1400: Version 21 and later) causing a denial-of-service condition

Affected products

rockwellautomation — micro800_firmware

Does this affect you?

Add your gear to cvedb and we'll alert you only when rockwellautomation ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.