• Rockwell FactoryTalk View SE SCADA Unauthenticated Remote Code Execution
    Disclosure Date: 2020-06-22
    First seen: 2020-11-20
    exploit/windows/scada/rockwell_factorytalk_rce
    This module exploits a series of vulnerabilities to achieve unauthenticated remote code execution on the Rockwell FactoryTalk View SE SCADA product as the IIS user. The attack relies on the chaining of five separate vulnerabilities. The first vulnerability is an unauthenticated project copy request, the second is a directory traversal, and the third is a race condition. In order to achieve full remote code execution on all targets, two information leak vulnerabilities are also abused. This exploit was used by the Flashback team (Pedro Ribeiro + Radek Domanski) in Pwn2Own Miami 2020 to win the EWS category.
    Authors: Pedro Ribeiro <pedrib@gmail.com>, Radek Domanski <radek.domanski@gmail.com>
  • DoS Exploitation of Allen-Bradley's Legacy Protocol (PCCC)
    First seen: 2020-04-26
    auxiliary/dos/scada/allen_bradley_pccc
    A remote, unauthenticated attacker could send a single, specially crafted Programmable Controller Communication Commands (PCCC) packet to the controller that could potentially cause the controller to enter a DoS condition. MicroLogix 1100 controllers are affected: 1763-L16BWA, 1763-L16AWA, 1763-L16BBB, and 1763-L16DWD. CVE-2017-7924 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been assigned.
4 metasploit modules found
Please note: Metasploit modules are only matched by CVE numbers. Visit metasploit web site for more details