VYPR

ISaGRAF Workbench

by Rockwellautomation

CVEs (4)

  • CVE-2022-1118May 17, 2022
    risk 0.02cvss epss 0.11

    Connected Components Workbench (v13.00.00 and prior), ISaGRAF Workbench (v6.0 though v6.6.9), and Safety Instrumented System Workstation (v1.2 and prior (for Trusted Controllers)) do not limit the objects that can be deserialized. This allows attackers to craft a malicious…

  • CVE-2022-2465Aug 25, 2022
    risk 0.00cvss epss 0.00

    Rockwell Automation ISaGRAF Workbench software versions 6.0 through 6.6.9 are affected by a Deserialization of Untrusted Data vulnerability. ISaGRAF Workbench does not limit the objects that can be deserialized. This vulnerability allows attackers to craft a malicious serialized…

  • CVE-2022-2464Aug 25, 2022
    risk 0.00cvss epss 0.00

    Rockwell Automation ISaGRAF Workbench software versions 6.0 through 6.6.9 are affected by a Path Traversal vulnerability. Crafted malicious files can allow an attacker to traverse the file system when opened by ISaGRAF Workbench. If successfully exploited, an attacker could…

  • CVE-2022-2463Aug 25, 2022
    risk 0.00cvss epss 0.03

    Rockwell Automation ISaGRAF Workbench software versions 6.0 through 6.6.9 are affected by a Path Traversal vulnerability. A crafted malicious .7z exchange file may allow an attacker to gain the privileges of the ISaGRAF Workbench software when opened. If the software is running…