A security issue exists due to the web-based debugger agent enabled on Rockwell Automation ControlLogix® Ethernet Modules. If a specific IP address is used to connect to the WDB agent, it can allow remote attackers to perform memory dumps, modify memory, and control execution flow.
The product initializes or sets a resource with a default that is intended to be changed by the product’s installer, administrator, or maintainer, but the default is not secure.