A sensitive information disclosure security issue exists within the affected CompactLogix controllers. The controller's web server exposes CIP Connection IDs on the diagnostics webpage, which are accessible to any unauthenticated user on the network. This information can be leveraged by an attacker to construct malicious packets, leading to Denial-of-Service.
Get an AI-powered plain-language explanation of this vulnerability and remediation steps.
Login to generate AI explanation1 reference(s) from NVD