CVE intelligence and bounded remediation
CVE-2010-5305 — Rockwellautomation Rslogix security vulnerability
The potential exists for exposure of the product's password used to restrict unauthorized access to Rockwell PLC5/SLC5/0x/RSLogix 1785-Lx and 1747-L5x controllers. The potential exists for an unauthorized programming and configuration client to gain access to the product and allow changes to the product’s configuration or program. When applicable, upgrade product firmware to a version that includes enhanced security functionality compatible with Rockwell Automation's FactoryTalk Security services.
- Severity
- Critical
- CVSS
- 9.8 (3.0)
- Published
- 2019-03-26
- CISA KEV
- Not currently listed
- Ecosystem
- software/application
- Weaknesses
- CWE-255, CWE-284
Affected products
- rockwellautomation / rslogix
- rockwellautomation / plc5_1785-lx_firmware
- rockwellautomation / slc5/01_1747-l5x_firmware
Matched remediation archetype
Authorization bypass, IDOR, and cross-tenant access
This catalog composition supplies bounded fallback guidance. Explicitly reviewed curated workflows load with the complete record below.
Check exposure
- Map object and action authorization checks across API, UI, batch, import/export, and background-job paths.
- Identify tenant, ownership, role, and policy boundaries for affected resources and administrative operations.
- Use synthetic fixtures to compare intended access matrices without accessing another user's real data.
Remediate safely
- Enforce server-side authorization at each resource access and state transition using the authenticated principal and trusted tenant context.
- Scope data queries by tenant and ownership; treat client-supplied identifiers, roles, and policy claims as untrusted.
- Add deny-by-default policy tests for horizontal and vertical access across every affected transport.
Authoritative sources
Complete CVE record and remediation plan
The detailed catalog view below loads this exact record, its source evidence, and the full seven-phase agentic change plan.