VYPR

Vendor CVEs

Rockwellautomation

All CVEs

321 total · sorted by risk
  • CVE-2010-2965CriAug 5, 2010
    risk 0.68cvss 9.8epss 0.58

    The WDB target agent debug service in Wind River VxWorks 6.x, 5.x, and earlier, as used on the Rockwell Automation 1756-ENBT series A with firmware 3.2.6 and 3.6.1 and other products, allows remote attackers to read or modify arbitrary memory locations, perform function calls,…

  • CVE-2017-16740CriJan 9, 2018
    risk 0.66cvss 10.0epss 0.07

    A Buffer Overflow issue was discovered in Rockwell Automation Allen-Bradley MicroLogix 1400 Controllers, Series B and C Versions 21.002 and earlier. The stack-based buffer overflow vulnerability has been identified, which may allow remote code execution.

  • CVE-2016-9343CriFeb 13, 2017
    risk 0.66cvss 10.0epss 0.10

    An issue was discovered in Rockwell Automation Logix5000 Programmable Automation Controller FRN 16.00 through 21.00 (excluding all firmware versions prior to FRN 16.00, which are not affected). By sending malformed common industrial protocol (CIP) packet, an attacker may be able…

  • CVE-2018-14829CriSep 20, 2018
    risk 0.65cvss 9.8epss 0.16

    Rockwell Automation RSLinx Classic Versions 4.00.01 and prior. This vulnerability may allow a remote threat actor to intentionally send a malformed CIP packet to Port 44818, causing the software application to stop responding and crash. This vulnerability also has the potential…

  • CVE-2020-6990CriMar 16, 2020
    risk 0.64cvss 9.8epss 0.04

    Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior, The cryptographic key utilized to help protect the account password is hard coded into the…

  • CVE-2017-7903CriJun 30, 2017
    risk 0.64cvss 9.8epss 0.03

    A Weak Password Requirements issue was discovered in Rockwell Automation Allen-Bradley MicroLogix 1100 programmable-logic controllers 1763-L16AWA, Series A and B, Version 16.00 and prior versions; 1763-L16BBB, Series A and B, Version 16.00 and prior versions; 1763-L16BWA, Series…

  • CVE-2017-7902CriJun 30, 2017
    risk 0.64cvss 9.8epss 0.03

    A "Reusing a Nonce, Key Pair in Encryption" issue was discovered in Rockwell Automation Allen-Bradley MicroLogix 1100 programmable-logic controllers 1763-L16AWA, Series A and B, Version 16.00 and prior versions; 1763-L16BBB, Series A and B, Version 16.00 and prior versions;…

  • CVE-2017-7899CriJun 30, 2017
    risk 0.64cvss 9.8epss 0.05

    An Information Exposure issue was discovered in Rockwell Automation Allen-Bradley MicroLogix 1100 programmable-logic controllers 1763-L16AWA, Series A and B, Version 16.00 and prior versions; 1763-L16BBB, Series A and B, Version 16.00 and prior versions; 1763-L16BWA, Series A…

  • CVE-2017-7898CriJun 30, 2017
    risk 0.64cvss 9.8epss 0.05

    An Improper Restriction of Excessive Authentication Attempts issue was discovered in Rockwell Automation Allen-Bradley MicroLogix 1100 programmable-logic controllers 1763-L16AWA, Series A and B, Version 16.00 and prior versions; 1763-L16BBB, Series A and B, Version 16.00 and…

  • CVE-2016-4522CriJul 28, 2016
    risk 0.64cvss 9.8epss 0.06

    SQL injection vulnerability in Rockwell Automation FactoryTalk EnergyMetrix before 2.20.00 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

  • CVE-2016-0868CriJan 28, 2016
    risk 0.64cvss 9.8epss 0.07

    Stack-based buffer overflow on Rockwell Automation Allen-Bradley MicroLogix 1100 devices A through 15.000 and B before 15.002 allows remote attackers to execute arbitrary code via a crafted web request.

  • CVE-2015-6490CriOct 28, 2015
    risk 0.64cvss 9.8epss 0.07

    Stack-based buffer overflow on Allen-Bradley MicroLogix 1100 devices before B FRN 15.000 and 1400 devices through B FRN 15.003 allows remote attackers to execute arbitrary code via unspecified vectors.

  • CVE-2012-6437CriJan 24, 2013
    risk 0.64cvss 9.8epss 0.10

    The device does not properly authenticate users and the potential exists for a remote user to upload a new firmware image to the Ethernet card, whether it is a corrupt or legitimate firmware image. Successful exploitation of this vulnerability could cause loss of availability,…

  • CVE-2025-7353CriAug 14, 2025
    risk 0.61cvss epss 0.01

    A security issue exists due to the web-based debugger agent enabled on Rockwell Automation ControlLogix® Ethernet Modules. If a specific IP address is used to connect to the WDB agent, it can allow remote attackers to perform memory dumps, modify memory, and control execution…

  • CVE-2024-12372CriDec 18, 2024
    risk 0.61cvss epss 0.01

    A denial-of-service and possible remote code execution vulnerability exists in the Rockwell Automation Power Monitor 1000. The vulnerability results in corruption of the heap memory which may compromise the integrity of the system, potentially allowing for remote code execution…

  • CVE-2025-13036CriJun 16, 2026
    risk 0.60cvss epss 0.00

    An authentication bypass security issue exists within FactoryTalk Historian Site Edition. By continually sending requests to the login endpoint, an attacker may obtain a valid authentication token.

  • CVE-2024-12373CriDec 18, 2024
    risk 0.60cvss epss 0.01

    A denial-of-service vulnerability exists in the Rockwell Automation Power Monitor 1000. The vulnerability results in a buffer-overflow, potentially causing denial-of-service.

  • CVE-2024-12371CriDec 18, 2024
    risk 0.60cvss epss 0.01

    A device takeover vulnerability exists in the Rockwell Automation Power Monitor 1000. This vulnerability allows configuration of a new Policyholder user without any authentication via API. Policyholder user is the most privileged user that can perform edit operations, creating…

  • CVE-2026-0647HigJun 16, 2026
    risk 0.57cvss epss 0.00

    An improper authentication security issue exists within the 1794-AENTR adapter's embedded web server. The vulnerability allows an unauthenticated attacker to change the device's web interface password by sending a crafted HTTP GET request to a specific endpoint, without any…

  • CVE-2026-0646HigJun 16, 2026
    risk 0.57cvss epss 0.00

    A denial-of-service security issue exists within the 1794-AENTR adapter due to improper memory handling of CIP protocol requests. This vulnerability can result in the adapter faulting and losing connection to its associated I/O modules, requiring a manual reset to…

  • CVE-2025-11694HigJun 16, 2026
    risk 0.57cvss epss 0.00

    A security issue exists within 1769 CompactLogix controllers due to the missing validation of sequence numbers and source IP addresses in the CIP protocol. This allows attacker to abuse the exposed Connection ID’s visible on the web interface to perform denial-of-service…

  • CVE-2025-9368HigDec 9, 2025
    risk 0.57cvss epss 0.00

    A security issue exists within 432ES-IG3 Series A, which affects GuardLink® EtherNet/IP Interface, resulting in denial-of-service. A manual power cycle is required to recover the device.

  • CVE-2025-12807HigDec 9, 2025
    risk 0.57cvss epss 0.00

    A security issue was discovered in DataMosaix Private Cloud, allowing users with low privilege to perform sensitive database operations through exposed API endpoints.

  • CVE-2025-9066HigOct 14, 2025
    risk 0.57cvss epss 0.00

    A security issue was discovered within FactoryTalk® ViewPoint, allowing unauthenticated attackers to achieve XXE. Certain SOAP requests can be abused to perform XXE, resulting in a temporary denial-of-service.

  • CVE-2025-9042HigAug 14, 2025
    risk 0.57cvss epss 0.00

    A security issue exists due to improper handling of CIP Class 32’s request when a module is inhibited on the 5094-IY8 device. It causes the module to enter a fault state with the Module LED flashing red. Upon un-inhibiting, the module returns a connection fault (Code 16#0010),…

  • CVE-2025-9041HigAug 14, 2025
    risk 0.57cvss epss 0.00

    A security issue exists due to improper handling of CIP Class 32’s request when a module is inhibited on the 5094-IF8 device. It causes the module to enter a fault state with the Module LED flashing red. Upon un-inhibiting, the module returns a connection fault (Code 16#0010),…

  • CVE-2025-7774HigAug 14, 2025
    risk 0.57cvss epss 0.00

    A security issue exists within the 5032 16pt Digital Configurable module’s web server. Intercepted session credentials can be used within a 3-minute timeout window, allowing unauthorized users to perform privileged actions.

  • CVE-2025-7773HigAug 14, 2025
    risk 0.57cvss epss 0.00

    A security issue exists within the 5032 16pt Digital Configurable module’s web server. The web server’s session number increments at an interval that correlates to the last two consecutive sign in session interval, making it predictable.

  • CVE-2021-33012HigJul 9, 2021
    risk 0.56cvss 8.6epss 0.02

    Rockwell Automation MicroLogix 1100, all versions, allows a remote, unauthenticated attacker sending specially crafted commands to cause the PLC to fault when the controller is switched to RUN mode, which results in a denial-of-service condition. If successfully exploited, this…

  • CVE-2021-22659HigMar 25, 2021
    risk 0.56cvss 8.6epss 0.02

    Rockwell Automation MicroLogix 1400 Version 21.6 and below may allow a remote unauthenticated attacker to send a specially crafted Modbus packet allowing the attacker to retrieve or modify random values in the register. If successfully exploited, this may lead to a buffer…

  • CVE-2018-17924HigDec 7, 2018
    risk 0.56cvss 8.6epss 0.04

    Rockwell Automation MicroLogix 1400 Controllers and 1756 ControlLogix Communications Modules An unauthenticated, remote threat actor could send a CIP connection request to an affected device, and upon successful connection, send a new IP configuration to the affected device even…

  • CVE-2017-7901HigJun 30, 2017
    risk 0.56cvss 8.6epss 0.07

    A Predictable Value Range from Previous Values issue was discovered in Rockwell Automation Allen-Bradley MicroLogix 1100 programmable-logic controllers 1763-L16AWA, Series A and B, Version 16.00 and prior versions; 1763-L16BBB, Series A and B, Version 16.00 and prior versions;…

  • CVE-2017-7914HigJun 14, 2017
    risk 0.56cvss 8.6epss 0.07

    A Missing Authorization issue was discovered in Rockwell Automation PanelView Plus 6 700-1500 6.00.04, 6.00.05, 6.00.42, 6.00-20140306, 6.10.20121012, 6.10-20140122, 7.00-20121012, 7.00-20130108, 7.00-20130325, 7.00-20130619, 7.00-20140128, 7.00-20140310, 7.00-20140429,…

  • CVE-2016-5814HigSep 19, 2016
    risk 0.56cvss 8.6epss 0.05

    Buffer overflow in Rockwell Automation RSLogix Micro Starter Lite, RSLogix Micro Developer, RSLogix 500 Starter Edition, RSLogix 500 Standard Edition, and RSLogix 500 Professional Edition allows remote attackers to execute arbitrary code via a crafted RSS project file.

  • CVE-2025-7973HigAug 14, 2025
    risk 0.55cvss epss 0.00

    A security issue exists in FactoryTalk ViewPoint version 14.0 or below due to improper handling of MSI repair operations. During a repair, attackers can hijack the cscript.exe console window, which runs with SYSTEM privileges. This can be exploited to spawn an elevated command…

  • CVE-2025-14272HigJun 16, 2026
    risk 0.54cvss epss 0.00

    A security issue was identified in Pavilion due to improper authorization enforcement in API endpoints. This vulnerability can allow an unauthorized actor to execute privileged operations, including user/role management and other administrative actions.

  • CVE-2017-7924HigSep 20, 2017
    risk 0.54cvss 7.5epss 0.22

    An Improper Input Validation issue was discovered in Rockwell Automation MicroLogix 1100 controllers 1763-L16BWA, 1763-L16AWA, 1763-L16BBB, and 1763-L16DWD. A remote, unauthenticated attacker could send a single, specially crafted Programmable Controller Communication Commands…

  • CVE-2012-6435HigJan 24, 2013
    risk 0.52cvss 7.5epss 0.42

    When an affected product receives a valid CIP message from an unauthorized or unintended source to Port 2222/TCP, Port 2222/UDP, Port 44818/TCP, or Port 44818/UDP that instructs the CPU to stop logic execution and enter a fault state, a DoS can occur. This situation could cause…

  • CVE-2019-25276HigFeb 5, 2026
    risk 0.51cvss 7.8epss 0.00

    Studio 5000 Logix Designer 30.01.00 contains an unquoted service path vulnerability in the FactoryTalk Activation Service that allows local users to potentially execute code with elevated privileges. Attackers can exploit the unquoted path in C:\Program Files (x86)\Rockwell…

  • CVE-2017-6015HigMay 11, 2018
    risk 0.51cvss 7.8epss 0.01

    Without quotation marks, any whitespace in the file path for Rockwell Automation FactoryTalk Activation version 4.00.02 remains ambiguous, which may allow an attacker to link to or run a malicious executable. This may allow an authorized, but not privileged local user to execute…

  • CVE-2012-6442HigJan 24, 2013
    risk 0.51cvss 7.5epss 0.33

    When an affected product receives a valid CIP message from an unauthorized or unintended source to Port 2222/TCP, Port 2222/UDP, Port 44818/TCP, or Port 44818/UDP that instructs the product to reset, a DoS can occur. This situation could cause loss of availability and a…

  • CVE-2012-6438HigJan 24, 2013
    risk 0.51cvss 7.5epss 0.33

    The device does not properly validate the data being sent to the buffer. An attacker can send a malformed CIP packet to Port 2222/TCP, Port 2222/UDP, Port 44818/TCP, or Port 44818/UDP, which creates a buffer overflow and causes the NIC to crash. Successful exploitation of this…

  • CVE-2012-6436HigJan 24, 2013
    risk 0.51cvss 7.5epss 0.33

    The device does not properly validate the data being sent to the buffer. An attacker can send a malformed CIP packet to Port 2222/TCP, Port 2222/UDP, Port 44818/TCP, or Port 44818/UDP, which creates a buffer overflow and causes the CPU to crash. Successful exploitation of this…

  • CVE-2025-9178HigOct 14, 2025
    risk 0.50cvss epss 0.00

    A denial-of-service security issue exists in the affected product and version. The security issue is caused through CIP communication using crafted payloads. The security issue could result in no CIP communication with 1715 EtherNet/IP Adapter.A restart is required to recover.

  • CVE-2016-5645HigAug 24, 2016
    risk 0.50cvss 7.3epss 0.29

    Rockwell Automation MicroLogix 1400 PLC 1766-L32BWA, 1766-L32AWA, 1766-L32BXB, 1766-L32BWAA, 1766-L32AWAA, and 1766-L32BXBA devices have a hardcoded SNMP community, which makes it easier for remote attackers to load arbitrary firmware updates by leveraging knowledge of this…

  • CVE-2025-1449HigMar 31, 2025
    risk 0.49cvss epss 0.01

    A vulnerability exists in the Rockwell Automation Verve Asset Manager due to insufficient variable sanitizing. A portion of the administrative web interface for Verve's Legacy Agentless Device Inventory (ADI) capability (deprecated since the 1.36 release) allows users to change…

  • CVE-2020-6988HigMar 16, 2020
    risk 0.49cvss 7.5epss 0.04

    Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior, A remote, unauthenticated attacker can send a request from the RSLogix 500 software to the…

  • CVE-2020-6984HigMar 16, 2020
    risk 0.49cvss 7.5epss 0.03

    Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior, The cryptographic function utilized to protect the password in MicroLogix is discoverable.

  • CVE-2018-14827HigSep 20, 2018
    risk 0.49cvss 7.5epss 0.04

    Rockwell Automation RSLinx Classic Versions 4.00.01 and prior. A remote, unauthenticated threat actor may intentionally send specially crafted Ethernet/IP packets to Port 44818, causing the software application to stop responding and crash. The user must restart the software to…

  • CVE-2018-14821HigSep 20, 2018
    risk 0.49cvss 7.5epss 0.04

    Rockwell Automation RSLinx Classic Versions 4.00.01 and prior. This vulnerability may allow a remote, unauthenticated threat actor to intentionally send a malformed CIP packet to Port 44818, causing the RSLinx Classic application to terminate. The user will need to manually…

Page 1 of 7