RSLinx Classic

CVEs (14)

CVE	Vendor / Product	Risk	CVSS	EPSS	Published	Description
CVE-2018-14829	Rockwellautomation RSLinx Classic	0.04	—	0.48	Sep 20, 2018	Rockwell Automation RSLinx Classic Versions 4.00.01 and prior. This vulnerability may allow a remote threat actor to intentionally send a malformed CIP packet to Port 44818, causing the software application to stop responding and crash. This vulnerability also has the potential…
CVE-2018-10619	Rockwellautomation RSLinx Classic	0.03	—	0.00	Jun 7, 2018	An unquoted search path or element in RSLinx Classic Versions 3.90.01 and prior and FactoryTalk Linx Gateway Versions 3.90.00 and prior may allow an authorized, but non-privileged local user to execute arbitrary code and allow a threat actor to escalate user privileges on the…
CVE-2020-13573	Rockwellautomation RSLinx Classic	0.01	—	0.09	Jan 7, 2021	A denial-of-service vulnerability exists in the Ethernet/IP server functionality of Rockwell Automation RSLinx Classic 2.57.00.14 CPR 9 SR 3. A specially crafted network request can lead to a denial of service. An attacker can send a sequence of malicious packets to trigger this…
CVE-2019-6553	Rockwellautomation RSLinx Classic	0.01	—	0.17	Apr 4, 2019	A vulnerability was found in Rockwell Automation RSLinx Classic versions 4.10.00 and prior. An input validation issue in a .dll file of RSLinx Classic where the data in a Forward Open service request is passed to a fixed size buffer, allowing an attacker to exploit a stack-based…
CVE-2020-12005	Rockwellautomation Connected Components Workbench	0.00	—	0.00	Jun 15, 2020	FactoryTalk Linx versions 6.00, 6.10, and 6.11, RSLinx Classic v4.11.00 and prior,Connected Components Workbench: Version 12 and prior, ControlFLASH: Version 14 and later, ControlFLASH Plus: Version 1 and later, FactoryTalk Asset Centre: Version 9 and later, FactoryTalk Linx…
CVE-2020-12003	Rockwellautomation Connected Components Workbench	0.00	—	0.00	Jun 15, 2020	FactoryTalk Linx versions 6.00, 6.10, and 6.11, RSLinx Classic v4.11.00 and prior,Connected Components Workbench: Version 12 and prior, ControlFLASH: Version 14 and later, ControlFLASH Plus: Version 1 and later, FactoryTalk Asset Centre: Version 9 and later, FactoryTalk Linx…
CVE-2020-11999	Rockwellautomation Connected Components Workbench	0.00	—	0.00	Jun 15, 2020	FactoryTalk Linx versions 6.00, 6.10, and 6.11, RSLinx Classic v4.11.00 and prior,Connected Components Workbench: Version 12 and prior, ControlFLASH: Version 14 and later, ControlFLASH Plus: Version 1 and later, FactoryTalk Asset Centre: Version 9 and later, FactoryTalk Linx…
CVE-2020-12034	Rockwellautomation Studio 5000 Logix Designer	0.00	—	0.00	May 20, 2020	Products that use EDS Subsystem: Version 28.0.1 and prior (FactoryTalk Linx software (Previously called RSLinx Enterprise): Versions 6.00, 6.10, and 6.11, RSLinx Classic: Version 4.11.00 and prior, RSNetWorx software: Version 28.00.00 and prior, Studio 5000 Logix Designer…
CVE-2020-12038	Rockwellautomation Studio 5000 Logix Designer	0.00	—	0.00	May 19, 2020	Products that use EDS Subsystem: Version 28.0.1 and prior (FactoryTalk Linx software (Previously called RSLinx Enterprise): Versions 6.00, 6.10, and 6.11, RSLinx Classic: Version 4.11.00 and prior, RSNetWorx software: Version 28.00.00 and prior, Studio 5000 Logix Designer…
CVE-2020-10642	Rockwellautomation RSLinx Classic	0.00	—	0.00	Apr 13, 2020	In Rockwell Automation RSLinx Classic versions 4.11.00 and prior, an authenticated local attacker could modify a registry key, which could lead to the execution of malicious code using system privileges when opening RSLinx Classic.
CVE-2018-14827	Rockwellautomation RSLinx Classic	0.00	—	0.00	Sep 20, 2018	Rockwell Automation RSLinx Classic Versions 4.00.01 and prior. A remote, unauthenticated threat actor may intentionally send specially crafted Ethernet/IP packets to Port 44818, causing the software application to stop responding and crash. The user must restart the software to…
CVE-2018-14821	Rockwellautomation RSLinx Classic	0.00	—	0.02	Sep 20, 2018	Rockwell Automation RSLinx Classic Versions 4.00.01 and prior. This vulnerability may allow a remote, unauthenticated threat actor to intentionally send a malformed CIP packet to Port 44818, causing the RSLinx Classic application to terminate. The user will need to manually…
CVE-2014-9204	Rockwellautomation Rslinx	0.00	—	0.00	May 17, 2015	Stack-based buffer overflow in OPCTest.exe in Rockwell Automation RSLinx Classic before 3.73.00 allows remote attackers to execute arbitrary code via a crafted CSV file.
CVE-2011-2530	Rockwellautomation Rslinx	0.00	—	0.01	Jun 22, 2011	Buffer overflow in RSEds.dll in RSHWare.exe in the EDS Hardware Installation Tool 1.0.5.1 and earlier in Rockwell Automation RSLinx Classic before 2.58 allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a…

CVE-2018-14829Sep 20, 2018
Rockwellautomation
RSLinx Classic
risk 0.04cvss —epss 0.48
Rockwell Automation RSLinx Classic Versions 4.00.01 and prior. This vulnerability may allow a remote threat actor to intentionally send a malformed CIP packet to Port 44818, causing the software application to stop responding and crash. This vulnerability also has the potential…
CVE-2018-10619Jun 7, 2018
Rockwellautomation
RSLinx Classic
risk 0.03cvss —epss 0.00
An unquoted search path or element in RSLinx Classic Versions 3.90.01 and prior and FactoryTalk Linx Gateway Versions 3.90.00 and prior may allow an authorized, but non-privileged local user to execute arbitrary code and allow a threat actor to escalate user privileges on the…
CVE-2020-13573Jan 7, 2021
Rockwellautomation
RSLinx Classic
risk 0.01cvss —epss 0.09
A denial-of-service vulnerability exists in the Ethernet/IP server functionality of Rockwell Automation RSLinx Classic 2.57.00.14 CPR 9 SR 3. A specially crafted network request can lead to a denial of service. An attacker can send a sequence of malicious packets to trigger this…
CVE-2019-6553Apr 4, 2019
Rockwellautomation
RSLinx Classic
risk 0.01cvss —epss 0.17
A vulnerability was found in Rockwell Automation RSLinx Classic versions 4.10.00 and prior. An input validation issue in a .dll file of RSLinx Classic where the data in a Forward Open service request is passed to a fixed size buffer, allowing an attacker to exploit a stack-based…
CVE-2020-12005Jun 15, 2020
Rockwellautomation
Connected Components Workbench
risk 0.00cvss —epss 0.00
FactoryTalk Linx versions 6.00, 6.10, and 6.11, RSLinx Classic v4.11.00 and prior,Connected Components Workbench: Version 12 and prior, ControlFLASH: Version 14 and later, ControlFLASH Plus: Version 1 and later, FactoryTalk Asset Centre: Version 9 and later, FactoryTalk Linx…
CVE-2020-12003Jun 15, 2020
Rockwellautomation
Connected Components Workbench
risk 0.00cvss —epss 0.00
FactoryTalk Linx versions 6.00, 6.10, and 6.11, RSLinx Classic v4.11.00 and prior,Connected Components Workbench: Version 12 and prior, ControlFLASH: Version 14 and later, ControlFLASH Plus: Version 1 and later, FactoryTalk Asset Centre: Version 9 and later, FactoryTalk Linx…
CVE-2020-11999Jun 15, 2020
Rockwellautomation
Connected Components Workbench
risk 0.00cvss —epss 0.00
FactoryTalk Linx versions 6.00, 6.10, and 6.11, RSLinx Classic v4.11.00 and prior,Connected Components Workbench: Version 12 and prior, ControlFLASH: Version 14 and later, ControlFLASH Plus: Version 1 and later, FactoryTalk Asset Centre: Version 9 and later, FactoryTalk Linx…
CVE-2020-12034May 20, 2020
Rockwellautomation
Studio 5000 Logix Designer
risk 0.00cvss —epss 0.00
Products that use EDS Subsystem: Version 28.0.1 and prior (FactoryTalk Linx software (Previously called RSLinx Enterprise): Versions 6.00, 6.10, and 6.11, RSLinx Classic: Version 4.11.00 and prior, RSNetWorx software: Version 28.00.00 and prior, Studio 5000 Logix Designer…
CVE-2020-12038May 19, 2020
Rockwellautomation
Studio 5000 Logix Designer
risk 0.00cvss —epss 0.00
Products that use EDS Subsystem: Version 28.0.1 and prior (FactoryTalk Linx software (Previously called RSLinx Enterprise): Versions 6.00, 6.10, and 6.11, RSLinx Classic: Version 4.11.00 and prior, RSNetWorx software: Version 28.00.00 and prior, Studio 5000 Logix Designer…
CVE-2020-10642Apr 13, 2020
Rockwellautomation
RSLinx Classic
risk 0.00cvss —epss 0.00
In Rockwell Automation RSLinx Classic versions 4.11.00 and prior, an authenticated local attacker could modify a registry key, which could lead to the execution of malicious code using system privileges when opening RSLinx Classic.
CVE-2018-14827Sep 20, 2018
Rockwellautomation
RSLinx Classic
risk 0.00cvss —epss 0.00
Rockwell Automation RSLinx Classic Versions 4.00.01 and prior. A remote, unauthenticated threat actor may intentionally send specially crafted Ethernet/IP packets to Port 44818, causing the software application to stop responding and crash. The user must restart the software to…
CVE-2018-14821Sep 20, 2018
Rockwellautomation
RSLinx Classic
risk 0.00cvss —epss 0.02
Rockwell Automation RSLinx Classic Versions 4.00.01 and prior. This vulnerability may allow a remote, unauthenticated threat actor to intentionally send a malformed CIP packet to Port 44818, causing the RSLinx Classic application to terminate. The user will need to manually…
CVE-2014-9204May 17, 2015
Rockwellautomation
Rslinx
risk 0.00cvss —epss 0.00
Stack-based buffer overflow in OPCTest.exe in Rockwell Automation RSLinx Classic before 3.73.00 allows remote attackers to execute arbitrary code via a crafted CSV file.
CVE-2011-2530Jun 22, 2011
Rockwellautomation
Rslinx
risk 0.00cvss —epss 0.01
Buffer overflow in RSEds.dll in RSHWare.exe in the EDS Hardware Installation Tool 1.0.5.1 and earlier in Rockwell Automation RSLinx Classic before 2.58 allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a…