What is CVE-2010-2965?

CVE-2010-2965 is a critical-severity vulnerability in Rockwellautomation 1756-enbt\/a, classified under Incorrect Authorization. CVSS score: 9.8/10. Published 2010-08-05.

How severe is CVE-2010-2965?

Critical severity. CVSS v3 base score is 9.8 out of 10.

Auth bypass in Rockwellautomation 1756-enbt\/a

CVE-2010-2965

The WDB target agent debug service in Wind River VxWorks 6.x, 5.x, and earlier, as used on the Rockwell Automation 1756-ENBT series A with firmware 3.2.6 and 3.6.1 and other products, allows remote attackers to read or modify arbitrary mem…

Vulnerability class: Broken Access Control

EPSS: 0.923 (99.7th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 9.8 (Critical). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H.

Affected products

Rockwellautomation 1756-enbt\/a
Rockwellautomation 1756-enbt\/a_firmware — versions 3.2.6, 3.6.1
Windriver Vxworks
N/a — versions n/a

Weakness classification (CWE)

CWE-863 — Incorrect Authorization

References

cve@mitre.org (x_refsource_CONFIRM, US Government Resource, Third Party Advisory)
cve@mitre.org (x_refsource_CONFIRM, Permissions Required)
cve@mitre.org (x_refsource_CERT-VN, US Government Resource, Third Party Advisory, third-party-advisory)
cve@mitre.org (x_refsource_CONFIRM, Permissions Required)
cve@mitre.org (x_refsource_CONFIRM, US Government Resource, Third Party Advisory)
cve@mitre.org (x_refsource_MISC, Not Applicable)
af854a3a-2127-422b-91ae-364da2661108

Frequently asked questions

What is CVE-2010-2965?: CVE-2010-2965 is a critical-severity vulnerability in Rockwellautomation 1756-enbt\/a, classified under Incorrect Authorization. CVSS score: 9.8/10. Published 2010-08-05.
How severe is CVE-2010-2965?: Critical severity. CVSS v3 base score is 9.8 out of 10.