Rockwell Automation MicroLogix 1400 PLC Default Credentials

Critical Nessus Plugin ID 90599


The remote device can be accessed with default credentials.


The remote device appears to be a Rockwell Automation MicroLogix 1400 PLC that can be accessed using default HTTP credentials. An attacker can exploit this to gain administrative access to the affected device.


Change the default password or block access to the port.

See Also

Plugin Details

Severity: Critical

ID: 90599

File Name: scada_rockwell_micrologix_1400_plc_default_http.nbin

Version: $Revision: 1.19 $

Type: remote

Family: SCADA

Published: 2016/04/20

Modified: 2018/01/29

Dependencies: 90600

Risk Information

Risk Factor: Critical


Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/h:rockwellautomation:ab_micrologix_controller:1400

Required KB Items: SCADA/Rockwell Automation MicroLogix 1400 PLC Web Server

Excluded KB Items: global_settings/supplied_logins_only

Vulnerability Publication Date: 2006/11/06

Reference Information

OSVDB: 78610