Code execution in Rockwell Automation 440G TLS-Z

Published: 2025-03-27

Risk	Low
Patch available	NO
Number of vulnerabilities	1
CVE-ID	CVE-2020-27212
CWE-ID	CWE-74
Exploitation vector	Local
Public exploit	N/A
Vulnerable software	440G TLS-Z Hardware solutions / Firmware
Vendor	Rockwell Automation

Security Bulletin

This security bulletin contains one low risk vulnerability.

1) Improper Neutralization of Special Elements in Output Used by a Downstream Component

EUVDB-ID: #VU106093

Risk: Low

CVSSv4.0: 4.4 [CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2020-27212

CWE-ID: CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

Exploit availability: No

Description

The vulnerability allows a local user to execute arbitrary code on the target system.

The vulnerability exists due to incorrect access controls. A local user can reverse protections that control access to the JTAG interface and take over the device.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

Vulnerable software versions

440G TLS-Z: 6.001

CPE2.3

cpe:2.3:h:rockwell_automation:440g_tls-z:6.001:*:*:*:*:*:*:*

External links

https://www.cisa.gov/news-events/ics-advisories/icsa-25-084-03

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.