Rockwell Automation

All CVEs

321 total · sorted by risk
  • CVE-2017-14022 · High · Dec 23, 2017
    risk 0.49 · cvss 7.5 · epss 0.04

    An Improper Input Validation issue was discovered in Rockwell Automation FactoryTalk Alarms and Events, Version 2.90 and earlier. An unauthenticated attacker with remote access to a network with FactoryTalk Alarms and Events can send a specially crafted set of packets to…

  • CVE-2015-6492 · High · Oct 28, 2015
    risk 0.49 · cvss 7.5 · epss 0.04

    Allen-Bradley MicroLogix 1100 devices before B FRN 15.000 and 1400 devices before B FRN 15.003 allow remote attackers to cause a denial of service (memory corruption and device crash) via a crafted HTTP request.

  • CVE-2016-9334 · High · Feb 13, 2017
    risk 0.48 · cvss 7.3 · epss 0.04

    An issue was discovered in Rockwell Automation Allen-Bradley MicroLogix 1100 controller 1763-L16AWA, Series A and B, Version 14.000 and prior versions; 1763-L16BBB, Series A and B, Version 14.000 and prior versions; 1763-L16BWA, Series A and B, Version 14.000 and prior versions;…

  • CVE-2016-4531 · High · Jul 28, 2016
    risk 0.48 · cvss 7.3 · epss 0.08

    Rockwell Automation FactoryTalk EnergyMetrix before 2.20.00 does not invalidate credentials upon a logout action, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation.

  • CVE-2025-7971 · High · Aug 14, 2025
    risk 0.47 · cvss n/a · epss 0.00

    A security issue exists within Studio 5000 Logix Designer due to unsafe handling of environment variables. If the specified path lacks a valid file, Logix Designer crashes; however, it may be possible to execute malicious code without triggering a crash.

  • CVE-2024-6242 · High · Aug 1, 2024
    risk 0.47 · cvss n/a · epss 0.09

    A vulnerability exists in Rockwell Automation affected products that allows a threat actor to bypass the Trusted® Slot feature in a ControlLogix® controller. If exploited on any affected module in a 1756 chassis, a threat actor could potentially execute CIP commands that…

  • CVE-2025-13823 · High · Dec 15, 2025
    risk 0.46 · cvss n/a · epss 0.00

    A security issue was found in the IPv6 stack in the Micro850 and Micro870 controllers when the controllers received multiple malformed packets during fuzzing. The controllers will go into recoverable fault with fault code 0xFE60. To recover the controller, clear the fault.

  • CVE-2025-0659 · High · Jan 28, 2025
    risk 0.46 · cvss n/a · epss 0.00

    A path traversal vulnerability exists in the Rockwell Automation DataEdge Platform DataMosaix Private Cloud. By specifying the character sequence in the body of the vulnerable endpoint, it is possible to overwrite files outside of the intended directory. A threat actor with…

  • CVE-2024-3640 · High · May 16, 2024
    risk 0.46 · cvss n/a · epss 0.00

    An unquoted executable path exists in the Rockwell Automation FactoryTalk® Remote Access™ possibly resulting in remote code execution if exploited. While running the FTRA installer package, the executable path is not properly quoted, which could allow a threat actor to enter…

  • CVE-2017-5176 · High · May 19, 2017
    risk 0.46 · cvss 7.0 · epss 0.01

    A DLL Hijack issue was discovered in Rockwell Automation Connected Components Workbench (CCW). The following versions are affected: Connected Components Workbench - Developer Edition, v9.01.00 and earlier: 9328-CCWDEVENE, 9328-CCWDEVZHE, 9328-CCWDEVFRE, 9328-CCWDEVITE,…

  • CVE-2024-7567 · Medium · Aug 13, 2024
    risk 0.45 · cvss n/a · epss 0.01

    A denial-of-service vulnerability exists via the CIP/Modbus port in the Rockwell Automation Micro850/870 (2080-L50E/2080-L70E). If exploited, the CIP/Modbus communication may be disrupted for a short duration.

  • CVE-2016-2279 · Medium · Mar 2, 2016
    risk 0.43 · cvss 6.1 · epss 0.08

    Cross-site scripting (XSS) vulnerability in the web server in Rockwell Automation Allen-Bradley CompactLogix 1769-L* before 28.011+ allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

  • CVE-2026-9307 · Medium · Jun 16, 2026
    risk 0.41 · cvss n/a · epss 0.00

    A sensitive information disclosure security issue exists within the affected CompactLogix controllers. The controller's web server exposes CIP Connection IDs on the diagnostics webpage, which are accessible to any unauthenticated user on the network. This information can…

  • CVE-2016-2277 · Medium · Apr 6, 2016
    risk 0.41 · cvss 6.3 · epss 0.01

    IAB.exe in Rockwell Automation Integrated Architecture Builder (IAB) before 9.6.0.8 and 9.7.x before 9.7.0.2 allows remote attackers to execute arbitrary code via a crafted project file.

  • CVE-2019-10955 · Medium · Apr 25, 2019
    risk 0.40 · cvss 6.1 · epss 0.03

    In Rockwell Automation MicroLogix 1400 Controllers Series A, All Versions Series B, v15.002 and earlier, MicroLogix 1100 Controllers v14.00 and earlier, CompactLogix 5370 L1 controllers v30.014 and earlier, CompactLogix 5370 L2 controllers v30.014 and earlier, CompactLogix 5370…

  • CVE-2017-6024 · Medium · May 6, 2017
    risk 0.39 · cvss 5.9 · epss 0.03

    A Resource Exhaustion issue was discovered in Rockwell Automation ControlLogix 5580 controllers V28.011, V28.012, and V28.013; ControlLogix 5580 controllers V29.011; CompactLogix 5380 controllers V28.011; and CompactLogix 5380 controllers V29.011. This vulnerability may allow an…

  • CVE-2018-8843 · Medium · May 14, 2018
    risk 0.36 · cvss 5.5 · epss 0.02

    Rockwell Automation Arena versions 15.10.00 and prior contain a use-after-free vulnerability caused by processing specially crafted Arena Simulation Software files that may cause the software application to crash, potentially losing any unsaved data.

  • CVE-2024-6079 · Medium · Aug 13, 2024
    risk 0.35 · cvss n/a · epss 0.00

    A vulnerability exists in the Rockwell Automation Emulate3D™, which could be leveraged to execute a DLL Hijacking attack. The application loads shared libraries, which are readable and writable by any user. If exploited, a malicious user could leverage a malicious dll and…

  • CVE-2012-6440 · Medium · Jan 24, 2013
    risk 0.32 · cvss 4.8 · epss 0.08

    The Web server password authentication mechanism used by the products is vulnerable to a MitM and Replay attack. Successful exploitation of this vulnerability will allow unauthorized access of the product’s Web server to view and alter product configuration and diagnostics…

  • CVE-2016-9338 · Low · Feb 13, 2017
    risk 0.18 · cvss 2.7 · epss 0.02

    An issue was discovered in Rockwell Automation Allen-Bradley MicroLogix 1100 controller 1763-L16AWA, Series A and B, Version 14.000 and prior versions; 1763-L16BBB, Series A and B, Version 14.000 and prior versions; 1763-L16BWA, Series A and B, Version 14.000 and prior versions;…

  • CVE-2021-22681 · KEV · Mar 3, 2021
    risk 0.13 · cvss n/a · epss 0.25

    Rockwell Automation Studio 5000 Logix Designer Versions 21 and later, and RSLogix 5000 Versions 16 through 20 use a key to verify Logix controllers are communicating with Rockwell Automation CompactLogix 1768, 1769, 5370, 5380, 5480: ControlLogix 5550, 5560, 5570, 5580;…

  • CVE-2023-27855 · Mar 21, 2023
    risk 0.09 · cvss n/a · epss 0.13

    In affected versions, a path traversal exists when processing a message in Rockwell Automation's ThinManager ThinServer. An unauthenticated remote attacker could potentially exploit this vulnerability to upload arbitrary files to any directory on the disk drive where…

  • CVE-2023-27856 · Mar 21, 2023
    risk 0.07 · cvss n/a · epss 0.76

    In affected versions, path traversal exists when processing a message of type 8 in Rockwell Automation's ThinManager ThinServer. An unauthenticated remote attacker can exploit this vulnerability to download arbitrary files on the disk drive where ThinServer.exe is…

  • CVE-2023-2917 · Aug 17, 2023
    risk 0.06 · cvss n/a · epss 0.68

    The Rockwell Automation ThinManager ThinServer is impacted by an improper input validation vulnerability. Due to improper input validation, a path traversal vulnerability exists, via the filename field, when the ThinManager processes a certain function. If exploited, an…

  • CVE-2020-12028 · Jul 20, 2020
    risk 0.05 · cvss n/a · epss 0.51

    In all versions of FactoryTalk View SEA remote, an authenticated attacker may be able to utilize certain handlers to interact with the data on the remote endpoint since those handlers do not enforce appropriate permissions. Rockwell Automation recommends enabling built in…

  • CVE-2020-12027 · Jul 20, 2020
    risk 0.05 · cvss n/a · epss 0.53

    All versions of FactoryTalk View SE disclose the hostnames and file paths for certain files within the system. A remote, authenticated attacker may be able to leverage this information for reconnaissance efforts. Rockwell Automation recommends enabling built in security features…

  • CVE-2020-12029 · Jul 20, 2020
    risk 0.05 · cvss n/a · epss 0.45

    All versions of FactoryTalk View SE do not properly validate input of filenames within a project directory. A remote, unauthenticated attacker may be able to execute a crafted file on a remote endpoint that may result in remote code execution (RCE). Rockwell Automation…

  • CVE-2023-2915 · Aug 17, 2023
    risk 0.04 · cvss n/a · epss 0.78

    The Rockwell Automation ThinManager ThinServer is impacted by an improper input validation vulnerability. Due to improper input validation, a path traversal vulnerability exists when the ThinManager software processes a certain function. If exploited, an unauthenticated remote…

  • CVE-2012-6441 · Jan 24, 2013
    risk 0.04 · cvss n/a · epss 0.54

    An information exposure of confidential information results when the device receives a specially crafted CIP packet to Port 2222/TCP, Port 2222/UDP, Port 44818/TCP, or Port 44818/UDP. Successful exploitation of this vulnerability could cause loss of confidentiality. …

  • CVE-2012-0221 · Apr 2, 2012
    risk 0.04 · cvss n/a · epss 0.10

    The FactoryTalk (FT) RNADiagReceiver service in Rockwell Automation Allen-Bradley FactoryTalk CPR9 through SR5 and RSLogix 5000 17 through 20 does not properly handle the return value from an unspecified function, which allows remote attackers to cause a denial of service…

  • CVE-2011-3489 · Sep 16, 2011
    risk 0.04 · cvss n/a · epss 0.09

    RnaUtility.dll in RsvcHost.exe 2.30.0.23 in Rockwell RSLogix 19 and earlier allows remote attackers to cause a denial of service (crash) via a crafted rna packet with a long string to TCP port 4446 that triggers (1) "a memset zero overflow" or (2) an out-of-bounds read, related…

  • CVE-2023-3595 · Jul 12, 2023
    risk 0.03 · cvss n/a · epss 0.04

    Where this vulnerability exists in the Rockwell Automation 1756 EN2* and 1756 EN3* ControlLogix communication products, it could allow a malicious user to perform remote code execution with persistence on the target system through maliciously crafted CIP messages. This includes…

  • CVE-2018-19616 · Dec 26, 2018
    risk 0.03 · cvss n/a · epss 0.30

    An issue was discovered in Rockwell Automation Allen-Bradley PowerMonitor 1000. An unauthenticated user can add/edit/remove administrators because access control is implemented on the client side via a disabled attribute for a BUTTON element.

  • CVE-2024-7988 · Aug 26, 2024
    risk 0.02 · cvss n/a · epss 0.01

    A remote code execution vulnerability exists in the Rockwell Automation ThinManager® ThinServer™ that allows a threat actor to execute arbitrary code with System privileges. This vulnerability exists due to the lack of proper data input validation, which allows files to be…

  • CVE-2023-2914 · Aug 17, 2023
    risk 0.02 · cvss n/a · epss 0.27

    The Rockwell Automation ThinManager ThinServer is impacted by an improper input validation vulnerability. An integer overflow condition exists in the affected products. When the ThinManager processes incoming messages, a read access violation occurs and terminates the process. A…

  • CVE-2022-1118 · May 17, 2022
    risk 0.02 · cvss n/a · epss 0.11

    Connected Components Workbench (v13.00.00 and prior), ISaGRAF Workbench (v6.0 through v6.6.9), and Safety Instrumented System Workstation (v1.2 and prior (for Trusted Controllers)) do not limit the objects that can be deserialized. This allows attackers to craft a malicious…

  • CVE-2012-6439 · Jan 24, 2013
    risk 0.02 · cvss n/a · epss 0.28

    When an affected product receives a valid CIP message from an unauthorized or unintended source to Port 2222/TCP, Port 2222/UDP, Port 44818/TCP, or Port 44818/UDP that changes the product’s configuration and network parameters, a DoS condition can occur. This situation…

  • CVE-2024-5988 · Jun 25, 2024
    risk 0.01 · cvss n/a · epss 0.03

    Due to an improper input validation, an unauthenticated threat actor can send a malicious message to invoke a local or remote executable and cause a remote code execution condition on the Rockwell Automation ThinManager® ThinServer™.

  • CVE-2023-27857 · Mar 22, 2023
    risk 0.01 · cvss n/a · epss 0.18

    In affected versions, a heap-based buffer over-read condition occurs when the message field indicates more data than is present in the message field in Rockwell Automation's ThinManager ThinServer. An unauthenticated remote attacker can exploit this vulnerability to…

  • CVE-2023-0755 · Feb 23, 2023
    risk 0.01 · cvss n/a · epss 0.12

    The affected products are vulnerable to an improper validation of array index, which could allow an attacker to crash the server and remotely execute arbitrary code.

  • CVE-2022-38742 · Sep 23, 2022
    risk 0.01 · cvss n/a · epss 0.22

    Rockwell Automation ThinManager ThinServer versions 11.0.0 - 13.0.0 are vulnerable to a heap-based buffer overflow. An attacker could send a specifically crafted TFTP or HTTPS request, causing a heap-based buffer overflow that crashes the ThinServer process. If successfully…

  • CVE-2022-1018 · Apr 1, 2022
    risk 0.01 · cvss n/a · epss 0.02

    When opening a malicious solution file provided by an attacker, the application suffers from an XML external entity vulnerability due to an unsafe call within a dynamic link library file. An attacker could exploit this to pass data from local files to a remote web server,…

  • CVE-2020-13573 · Jan 7, 2021
    risk 0.01 · cvss n/a · epss 0.03

    A denial-of-service vulnerability exists in the Ethernet/IP server functionality of Rockwell Automation RSLinx Classic 2.57.00.14 CPR 9 SR 3. A specially crafted network request can lead to a denial of service. An attacker can send a sequence of malicious packets to trigger this…

  • CVE-2019-13527 · Sep 24, 2019
    risk 0.01 · cvss n/a · epss 0.05

    In Rockwell Automation Arena Simulation Software Cat. 9502-Ax, Versions 16.00.00 and earlier, a maliciously crafted Arena file opened by an unsuspecting user may result in the use of a pointer that has not been initialized.

  • CVE-2019-6553 · Apr 4, 2019
    risk 0.01 · cvss n/a · epss 0.50

    A vulnerability was found in Rockwell Automation RSLinx Classic versions 4.10.00 and prior. An input validation issue in a .dll file of RSLinx Classic where the data in a Forward Open service request is passed to a fixed size buffer, allowing an attacker to exploit a stack-based…

  • CVE-2014-5424 · Nov 14, 2014
    risk 0.01 · cvss n/a · epss 0.11

    Rockwell Automation Connected Components Workbench (CCW) before 7.00.00 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an invalid property value to an ActiveX control that was built with an outdated compiler.

  • CVE-2012-4715 · Apr 18, 2013
    risk 0.01 · cvss n/a · epss 0.08

    Buffer overflow in LogReceiver.exe in Rockwell Automation RSLinx Enterprise CPR9, CPR9-SR1, CPR9-SR2, CPR9-SR3, CPR9-SR4, CPR9-SR5, CPR9-SR5.1, and CPR9-SR6 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a UDP packet…

  • CVE-2011-2530 · Jun 22, 2011
    risk 0.01 · cvss n/a · epss 0.08

    Buffer overflow in RSEds.dll in RSHWare.exe in the EDS Hardware Installation Tool 1.0.5.1 and earlier in Rockwell Automation RSLinx Classic before 2.58 allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a…

  • CVE-2009-0473 · Feb 6, 2009
    risk 0.01 · cvss n/a · epss 0.13

    Open redirect vulnerability in the web interface in the Rockwell Automation ControlLogix 1756-ENBT/A EtherNet/IP Bridge Module allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.

  • CVE-2025-9283 · Jan 20, 2026
    risk 0.00 · cvss n/a · epss 0.01

    A security issue exists within ArmorStart® LT that can result in a denial-of-service condition. During execution of the Achilles EtherNet/IP Step Limits Storms tests, the device reboots unexpectedly, causing the Link State Monitor to go down for several seconds.
