VYPR

Vendor CVEs

Rockwellautomation

All CVEs

321 total · sorted by risk
  • CVE-2023-29463Sep 12, 2023
    risk 0.00cvss epss 0.01

    The JMX Console within the Rockwell Automation Pavilion8 is exposed to application users and does not require authentication. If exploited, a malicious user could potentially retrieve other application users’ session data and or log users out of their session.

  • CVE-2023-2071Sep 12, 2023
    risk 0.00cvss epss 0.11

    Rockwell Automation FactoryTalk View Machine Edition on the PanelView Plus, improperly verifies user’s input, which allows unauthenticated attacker to achieve remote code executed via crafted malicious packets.  The device has the functionality, through a CIP class, to…

  • CVE-2023-2423Aug 8, 2023
    risk 0.00cvss epss 0.01

    A vulnerability was discovered in the Rockwell Automation Armor PowerFlex device when the product sends communications to the local event log. Threat actors could exploit this vulnerability by sending an influx of network commands, causing the product to generate an influx of…

  • CVE-2023-2913Jul 18, 2023
    risk 0.00cvss epss 0.01

    An executable used in Rockwell Automation ThinManager ThinServer can be configured to enable an API feature in the HTTPS Server Settings. This feature is disabled by default. When the API is enabled and handling requests, a path traversal vulnerability exists that allows a…

  • CVE-2023-2263Jul 18, 2023
    risk 0.00cvss epss 0.01

    The Rockwell Automation Kinetix 5700 DC Bus Power Supply Series A is vulnerable to CIP fuzzing.  The new ENIP connections cannot be established if impacted by this vulnerability,  which prohibits operational capabilities of the device resulting in a denial-of-service attack. …

  • CVE-2023-3596Jul 12, 2023
    risk 0.00cvss epss 0.02

    Where this vulnerability exists in the Rockwell Automation 1756-EN4* Ethernet/IP communication products, it could allow a malicious user to cause a denial of service by asserting the target system through maliciously crafted CIP messages.

  • CVE-2023-2746Jul 11, 2023
    risk 0.00cvss epss 0.00

    The Rockwell Automation Enhanced HIM software contains an API that the application uses that is not protected sufficiently and uses incorrect Cross-Origin Resource Sharing (CORS) settings and, as a result, is vulnerable to a Cross Site Request Forgery (CSRF) attack. To exploit…

  • CVE-2023-2072Jul 11, 2023
    risk 0.00cvss epss 0.01

    The Rockwell Automation PowerMonitor 1000 contains stored cross-site scripting vulnerabilities within the web page of the product.  The vulnerable pages do not require privileges to access and can be injected with code by an attacker which could be used to leverage an attack on…

  • CVE-2023-2778Jun 13, 2023
    risk 0.00cvss epss 0.01

    A denial-of-service vulnerability exists in Rockwell Automation FactoryTalk Transaction Manager. This vulnerability can be exploited by sending a modified packet to port 400. If exploited, the application could potentially crash or experience a high CPU or memory usage…

  • CVE-2023-2639Jun 13, 2023
    risk 0.00cvss epss 0.00

    The underlying feedback mechanism of Rockwell Automation's FactoryTalk System Services that transfers the FactoryTalk Policy Manager rules to relevant devices on the network does not verify that the origin of the communication is from a legitimate local client device.  This…

  • CVE-2023-2638Jun 13, 2023
    risk 0.00cvss epss 0.00

    Rockwell Automation's FactoryTalk System Services does not verify that a backup configuration archive is password protected.   Improper authorization in FTSSBackupRestore.exe may lead to the loading of malicious configuration archives.  This vulnerability may allow a local,…

  • CVE-2023-2637Jun 13, 2023
    risk 0.00cvss epss 0.00

    Rockwell Automation's FactoryTalk System Services uses a hard-coded cryptographic key to generate administrator cookies.  Hard-coded cryptographic key may lead to privilege escalation.  This vulnerability may allow a local, authenticated non-admin user to generate an invalid…

  • CVE-2023-2444May 11, 2023
    risk 0.00cvss epss 0.00

    A cross site request forgery vulnerability exists in Rockwell Automation's FactoryTalk Vantagepoint. This vulnerability can be exploited in two ways. If an attacker sends a malicious link to a computer that is on the same domain as the FactoryTalk Vantagepoint server and a user…

  • CVE-2023-2443May 11, 2023
    risk 0.00cvss epss 0.01

    Rockwell Automation ThinManager product allows the use of medium strength ciphers.  If the client requests an insecure cipher, a malicious actor could potentially decrypt traffic sent between the client and server API.

  • CVE-2023-1834May 11, 2023
    risk 0.00cvss epss 0.01

    Rockwell Automation was made aware that Kinetix 5500 drives, manufactured between May 2022 and January 2023, and are running v7.13 may have the telnet and FTP ports open by default.  This could potentially allow attackers unauthorized access to the device through the open…

  • CVE-2023-29022May 11, 2023
    risk 0.00cvss epss 0.01

    A cross site scripting vulnerability was discovered in Rockwell Automation's ArmorStart ST product that could potentially allow a malicious user with admin privileges and network access to view user data and modify the web interface. Additionally, a malicious user could…

  • CVE-2023-29029May 11, 2023
    risk 0.00cvss epss 0.01

    A cross site scripting vulnerability was discovered in Rockwell Automation's ArmorStart ST product that could potentially allow a malicious user with admin privileges and network access to view user data and modify the web interface. Additionally, a malicious user could…

  • CVE-2023-29028May 11, 2023
    risk 0.00cvss epss 0.01

    A cross site scripting vulnerability was discovered in Rockwell Automation's ArmorStart ST product that could potentially allow a malicious user with admin privileges and network access to view user data and modify the web interface. Additionally, a malicious user could…

  • CVE-2023-29027May 11, 2023
    risk 0.00cvss epss 0.01

    A cross site scripting vulnerability was discovered in Rockwell Automation's ArmorStart ST product that could potentially allow a malicious user with admin privileges and network access to view user data and modify the web interface. Additionally, a malicious user could…

  • CVE-2023-29026May 11, 2023
    risk 0.00cvss epss 0.01

    A cross site scripting vulnerability was discovered in Rockwell Automation's ArmorStart ST product that could potentially allow a malicious user with admin privileges and network access to view user data and modify the web interface. Additionally, a malicious user could…

  • CVE-2023-29025May 11, 2023
    risk 0.00cvss epss 0.01

    A cross site scripting vulnerability was discovered in Rockwell Automation's ArmorStart ST product that could potentially allow a malicious user with admin privileges and network access to view user data and modify the web interface. Additionally, a malicious user could…

  • CVE-2023-29024May 11, 2023
    risk 0.00cvss epss 0.01

    A cross site scripting vulnerability was discovered in Rockwell Automation's ArmorStart ST product A cross site scripting vulnerability was discovered that could potentially allow a malicious user to view and modify sensitive data or make the web page unavailable. User…

  • CVE-2023-29023May 11, 2023
    risk 0.00cvss epss 0.00

    A cross site scripting vulnerability was discovered in Rockwell Automation's ArmorStart ST product that could potentially allow a malicious user to view and modify sensitive data or make the web page unavailable. User interaction, such as a phishing attack, is required for…

  • CVE-2023-29030May 11, 2023
    risk 0.00cvss epss 0.00

    A cross site scripting vulnerability was discovered in Rockwell Automation's ArmorStart ST product that could potentially allow a malicious user to view and modify sensitive data or make the web page unavailable. User interaction, such as a phishing attack, is required for…

  • CVE-2023-29031May 11, 2023
    risk 0.00cvss epss 0.00

    A cross site scripting vulnerability was discovered in Rockwell Automation's ArmorStart ST product that could potentially allow a malicious user to view and modify sensitive data or make the web page unavailable. User interaction, such as a phishing attack, is required for…

  • CVE-2023-29462May 9, 2023
    risk 0.00cvss epss 0.01

    An arbitrary code execution vulnerability contained in Rockwell Automation's Arena Simulation software was reported that could potentially allow a malicious user to commit unauthorized arbitrary code to the software by using a memory buffer overflow in the heap. …

  • CVE-2023-29461May 9, 2023
    risk 0.00cvss epss 0.01

    An arbitrary code execution vulnerability contained in Rockwell Automation's Arena Simulation software was reported that could potentially allow a malicious user to commit unauthorized arbitrary code to the software by using a memory buffer overflow in the heap. …

  • CVE-2023-29460May 9, 2023
    risk 0.00cvss epss 0.01

    An arbitrary code execution vulnerability contained in Rockwell Automation's Arena Simulation software was reported that could potentially allow a malicious user to commit unauthorized arbitrary code to the software by using a memory buffer overflow potentially resulting in a…

  • CVE-2023-0027Mar 17, 2023
    risk 0.00cvss epss 0.01

    Rockwell Automation Modbus TCP Server AOI prior to 2.04.00 is vulnerable to an unauthorized user sending a malformed message that could cause the controller to respond with a copy of the most recent response to the last valid request. If exploited, an unauthorized user could…

  • CVE-2023-0754Feb 23, 2023
    risk 0.00cvss epss 0.03

    The affected products are vulnerable to an integer overflow or wraparound, which could  allow an attacker to crash the server and remotely execute arbitrary code.

  • CVE-2022-3156Dec 27, 2022
    risk 0.00cvss epss 0.00

    A remote code execution vulnerability exists in Rockwell Automation Studio 5000 Logix Emulate software.  Users are granted elevated permissions on certain product services when the software is installed. Due to this misconfiguration, a malicious user could potentially achieve…

  • CVE-2022-3752Dec 19, 2022
    risk 0.00cvss epss 0.01

    An unauthorized user could use a specially crafted sequence of Ethernet/IP messages, combined with heavy traffic loading to cause a denial-of-service condition in Rockwell Automation Logix controllers resulting in a major non-recoverable fault. If the target device becomes…

  • CVE-2022-3157Dec 16, 2022
    risk 0.00cvss epss 0.01

    A vulnerability exists in the Rockwell Automation controllers that allows a malformed CIP request to cause a major non-recoverable fault (MNRF) and a denial-of-service condition (DOS).

  • CVE-2022-46670Dec 16, 2022
    risk 0.00cvss epss 0.01

    Rockwell Automation was made aware of a vulnerability by a security researcher from Georgia Institute of Technology that the MicroLogix 1100 and 1400 controllers contain a vulnerability that may give an attacker the ability to accomplish remote code execution.  The…

  • CVE-2022-3166Dec 16, 2022
    risk 0.00cvss epss 0.01

    Rockwell Automation was made aware that the webservers of the Micrologix 1100 and 1400 controllers contain a vulnerability that may lead to a denial-of-service condition. The security vulnerability could be exploited by an attacker with network access to the affected systems by…

  • CVE-2022-38744Oct 27, 2022
    risk 0.00cvss epss 0.01

    An unauthenticated attacker with network access to a victim's Rockwell Automation FactoryTalk Alarm and Events service could open a connection, causing the service to fault and become unavailable. The affected port could be used as a server ping port and uses messages…

  • CVE-2022-3158Oct 17, 2022
    risk 0.00cvss epss 0.03

    Rockwell Automation FactoryTalk VantagePoint versions 8.0, 8.10, 8.20, 8.30, 8.31 are vulnerable to an input validation vulnerability. The FactoryTalk VantagePoint SQL Server lacks input validation when users enter SQL statements to retrieve information from the back-end…

  • CVE-2022-38743Oct 17, 2022
    risk 0.00cvss epss 0.01

    Rockwell Automation FactoryTalk VantagePoint versions 8.0, 8.10, 8.20, 8.30, 8.31 are vulnerable to an improper access control vulnerability. The FactoryTalk VantagePoint SQL Server account could allow a malicious user with read-only privileges to execute SQL statements in the…

  • CVE-2022-2465Aug 25, 2022
    risk 0.00cvss epss 0.00

    Rockwell Automation ISaGRAF Workbench software versions 6.0 through 6.6.9 are affected by a Deserialization of Untrusted Data vulnerability. ISaGRAF Workbench does not limit the objects that can be deserialized. This vulnerability allows attackers to craft a malicious serialized…

  • CVE-2022-2464Aug 25, 2022
    risk 0.00cvss epss 0.00

    Rockwell Automation ISaGRAF Workbench software versions 6.0 through 6.6.9 are affected by a Path Traversal vulnerability. Crafted malicious files can allow an attacker to traverse the file system when opened by ISaGRAF Workbench. If successfully exploited, an attacker could…

  • CVE-2022-2463Aug 25, 2022
    risk 0.00cvss epss 0.03

    Rockwell Automation ISaGRAF Workbench software versions 6.0 through 6.6.9 are affected by a Path Traversal vulnerability. A crafted malicious .7z exchange file may allow an attacker to gain the privileges of the ISaGRAF Workbench software when opened. If the software is running…

  • CVE-2020-6998Jul 27, 2022
    risk 0.00cvss epss 0.02

    The connection establishment algorithm found in Rockwell Automation CompactLogix 5370 and ControlLogix 5570 versions 33 and prior does not sufficiently manage its control flow during execution, creating an infinite loop. This may allow an attacker to send specially crafted CIP…

  • CVE-2022-2179Jul 20, 2022
    risk 0.00cvss epss 0.01

    The X-Frame-Options header in Rockwell Automation MicroLogix 1100/1400 Versions 21.007 and prior is not configured in the HTTP response, which could allow clickjacking attacks.

  • CVE-2022-1797May 31, 2022
    risk 0.00cvss epss 0.02

    A malformed Class 3 common industrial protocol message with a cached connection can cause a denial-of-service condition in Rockwell Automation Logix Controllers, resulting in a major nonrecoverable fault. If the target device becomes unavailable, a user would have to clear the…

  • CVE-2022-1161Apr 11, 2022
    risk 0.00cvss epss 0.05

    An attacker with the ability to modify a user program may change user program code on some ControlLogix, CompactLogix, and GuardLogix Control systems. Studio 5000 Logix Designer writes user-readable program code to a separate location than the executed compiled code, allowing an…

  • CVE-2022-1159Apr 1, 2022
    risk 0.00cvss epss 0.03

    Rockwell Automation Studio 5000 Logix Designer (all versions) are vulnerable when an attacker who achieves administrator access on a workstation running Studio 5000 Logix Designer could inject controller code undetectable to a user.

  • CVE-2021-32960Apr 1, 2022
    risk 0.00cvss epss 0.02

    Rockwell Automation FactoryTalk Services Platform v6.11 and earlier, if FactoryTalk Security is enabled and deployed contains a vulnerability that may allow a remote, authenticated attacker to bypass FactoryTalk Security policies based on the computer name. If successfully…

  • CVE-2021-27475Mar 23, 2022
    risk 0.00cvss epss 0.03

    Rockwell Automation Connected Components Workbench v12.00.00 and prior does not limit the objects that can be deserialized. This vulnerability allows attackers to craft a malicious serialized object that, if opened by a local user in Connected Components Workbench, may result in…

  • CVE-2021-27471Mar 23, 2022
    risk 0.00cvss epss 0.03

    The parsing mechanism that processes certain file types does not provide input sanitization for file paths. This may allow an attacker to craft malicious files that, when opened by Rockwell Automation Connected Components Workbench v12.00.00 and prior, can traverse the file…

  • CVE-2021-27476Mar 23, 2022
    risk 0.00cvss epss 0.04

    A vulnerability exists in the SaveConfigFile function of the RACompare Service, which may allow for OS command injection. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary commands in Rockwell Automation FactoryTalk AssetCentre v10.00 and…

Page 5 of 7