VYPR

RSLinx Classic

by Rockwellautomation

CVEs (14)

  • CVE-2019-6553CriApr 4, 2019
    risk 0.68cvss 9.8epss 0.50

    A vulnerability was found in Rockwell Automation RSLinx Classic versions 4.10.00 and prior. An input validation issue in a .dll file of RSLinx Classic where the data in a Forward Open service request is passed to a fixed size buffer, allowing an attacker to exploit a stack-based…

  • CVE-2020-12001CriJun 15, 2020
    risk 0.65cvss 9.8epss 0.12

    FactoryTalk Linx versions 6.00, 6.10, and 6.11, RSLinx Classic v4.11.00 and prior,Connected Components Workbench: Version 12 and prior, ControlFLASH: Version 14 and later, ControlFLASH Plus: Version 1 and later, FactoryTalk Asset Centre: Version 9 and later, FactoryTalk Linx…

  • CVE-2018-14829CriSep 20, 2018
    risk 0.65cvss 9.8epss 0.16

    Rockwell Automation RSLinx Classic Versions 4.00.01 and prior. This vulnerability may allow a remote threat actor to intentionally send a malformed CIP packet to Port 44818, causing the software application to stop responding and crash. This vulnerability also has the potential…

  • CVE-2020-11999HigJun 15, 2020
    risk 0.53cvss 8.1epss 0.03

    FactoryTalk Linx versions 6.00, 6.10, and 6.11, RSLinx Classic v4.11.00 and prior,Connected Components Workbench: Version 12 and prior, ControlFLASH: Version 14 and later, ControlFLASH Plus: Version 1 and later, FactoryTalk Asset Centre: Version 9 and later, FactoryTalk Linx…

  • CVE-2020-12034HigMay 20, 2020
    risk 0.53cvss 8.2epss 0.01

    Products that use EDS Subsystem: Version 28.0.1 and prior (FactoryTalk Linx software (Previously called RSLinx Enterprise): Versions 6.00, 6.10, and 6.11, RSLinx Classic: Version 4.11.00 and prior, RSNetWorx software: Version 28.00.00 and prior, Studio 5000 Logix Designer…

  • CVE-2020-10642HigApr 13, 2020
    risk 0.51cvss 7.8epss 0.00

    In Rockwell Automation RSLinx Classic versions 4.11.00 and prior, an authenticated local attacker could modify a registry key, which could lead to the execution of malicious code using system privileges when opening RSLinx Classic.

  • CVE-2020-13573HigJan 7, 2021
    risk 0.49cvss 7.5epss 0.03

    A denial-of-service vulnerability exists in the Ethernet/IP server functionality of Rockwell Automation RSLinx Classic 2.57.00.14 CPR 9 SR 3. A specially crafted network request can lead to a denial of service. An attacker can send a sequence of malicious packets to trigger this…

  • CVE-2020-12005HigJun 15, 2020
    risk 0.49cvss 7.5epss 0.02

    FactoryTalk Linx versions 6.00, 6.10, and 6.11, RSLinx Classic v4.11.00 and prior,Connected Components Workbench: Version 12 and prior, ControlFLASH: Version 14 and later, ControlFLASH Plus: Version 1 and later, FactoryTalk Asset Centre: Version 9 and later, FactoryTalk Linx…

  • CVE-2020-12003HigJun 15, 2020
    risk 0.49cvss 7.5epss 0.05

    FactoryTalk Linx versions 6.00, 6.10, and 6.11, RSLinx Classic v4.11.00 and prior,Connected Components Workbench: Version 12 and prior, ControlFLASH: Version 14 and later, ControlFLASH Plus: Version 1 and later, FactoryTalk Asset Centre: Version 9 and later, FactoryTalk Linx…

  • CVE-2018-14827HigSep 20, 2018
    risk 0.49cvss 7.5epss 0.04

    Rockwell Automation RSLinx Classic Versions 4.00.01 and prior. A remote, unauthenticated threat actor may intentionally send specially crafted Ethernet/IP packets to Port 44818, causing the software application to stop responding and crash. The user must restart the software to…

  • CVE-2018-14821HigSep 20, 2018
    risk 0.49cvss 7.5epss 0.04

    Rockwell Automation RSLinx Classic Versions 4.00.01 and prior. This vulnerability may allow a remote, unauthenticated threat actor to intentionally send a malformed CIP packet to Port 44818, causing the RSLinx Classic application to terminate. The user will need to manually…

  • CVE-2020-12038MedMay 19, 2020
    risk 0.36cvss 5.5epss 0.03

    Products that use EDS Subsystem: Version 28.0.1 and prior (FactoryTalk Linx software (Previously called RSLinx Enterprise): Versions 6.00, 6.10, and 6.11, RSLinx Classic: Version 4.11.00 and prior, RSNetWorx software: Version 28.00.00 and prior, Studio 5000 Logix Designer…

  • CVE-2011-2530Jun 22, 2011
    risk 0.01cvss epss 0.08

    Buffer overflow in RSEds.dll in RSHWare.exe in the EDS Hardware Installation Tool 1.0.5.1 and earlier in Rockwell Automation RSLinx Classic before 2.58 allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a…

  • CVE-2014-9204May 17, 2015
    risk 0.00cvss epss 0.02

    Stack-based buffer overflow in OPCTest.exe in Rockwell Automation RSLinx Classic before 3.73.00 allows remote attackers to execute arbitrary code via a crafted CSV file.