Vulnerabilities (CVE)

Filtered by vendor Rockwellautomation Subscribe
Total 240 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-14504 1 Rockwellautomation 4 1734-aentr Point I\/o Dual Port Network Adaptor Series B, 1734-aentr Point I\/o Dual Port Network Adaptor Series B Firmware, 1734-aentr Point I\/o Dual Port Network Adaptor Series C and 1 more 2023-12-10 5.0 MEDIUM 5.3 MEDIUM
The web interface of the 1734-AENTR communication module mishandles authentication for HTTP POST requests. A remote, unauthenticated attacker can send a crafted request that may allow for modification of the configuration settings.
CVE-2021-27474 1 Rockwellautomation 1 Factorytalk Assetcentre 2023-12-10 5.0 MEDIUM 7.5 HIGH
Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier does not properly restrict all functions relating to IIS remoting services. This vulnerability may allow a remote, unauthenticated attacker to modify sensitive data in FactoryTalk AssetCentre.
CVE-2021-27466 1 Rockwellautomation 1 Factorytalk Assetcentre 2023-12-10 7.5 HIGH 9.8 CRITICAL
A deserialization vulnerability exists in how the ArchiveService.rem service in Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier verifies serialized data. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary commands in FactoryTalk AssetCentre.
CVE-2021-27475 1 Rockwellautomation 1 Connected Components Workbench 2023-12-10 6.8 MEDIUM 8.6 HIGH
Rockwell Automation Connected Components Workbench v12.00.00 and prior does not limit the objects that can be deserialized. This vulnerability allows attackers to craft a malicious serialized object that, if opened by a local user in Connected Components Workbench, may result in remote code execution. This vulnerability requires user interaction to be successfully exploited.
CVE-2022-1159 1 Rockwellautomation 10 Compact Guardlogix 5380, Compact Guardlogix 5380 Firmware, Compactlogix 5380 and 7 more 2023-12-10 6.5 MEDIUM 7.2 HIGH
Rockwell Automation Studio 5000 Logix Designer (all versions) are vulnerable when an attacker who achieves administrator access on a workstation running Studio 5000 Logix Designer could inject controller code undetectable to a user.
CVE-2020-25184 3 Rockwellautomation, Schneider-electric, Xylem 31 Aadvance Controller, Isagraf Free Runtime, Isagraf Runtime and 28 more 2023-12-10 2.1 LOW 5.5 MEDIUM
Rockwell Automation ISaGRAF Runtime Versions 4.x and 5.x stores the password in plaintext in a file that is in the same directory as the executable file. ISaGRAF Runtime reads the file and saves the data in a variable without any additional modification. A local, unauthenticated attacker could compromise the user passwords, resulting in information disclosure.
CVE-2020-25182 3 Rockwellautomation, Schneider-electric, Xylem 31 Aadvance Controller, Isagraf Free Runtime, Isagraf Runtime and 28 more 2023-12-10 4.6 MEDIUM 6.7 MEDIUM
Rockwell Automation ISaGRAF Runtime Versions 4.x and 5.x searches for and loads DLLs as dynamic libraries. Uncontrolled loading of dynamic libraries could allow a local, unauthenticated attacker to execute arbitrary code. This vulnerability only affects ISaGRAF Runtime when running on Microsoft Windows systems.
CVE-2021-32960 1 Rockwellautomation 1 Factorytalk Services Platform 2023-12-10 6.0 MEDIUM 8.8 HIGH
Rockwell Automation FactoryTalk Services Platform v6.11 and earlier, if FactoryTalk Security is enabled and deployed contains a vulnerability that may allow a remote, authenticated attacker to bypass FactoryTalk Security policies based on the computer name. If successfully exploited, this may allow an attacker to have the same privileges as if they were logged on to the client machine.
CVE-2021-27473 1 Rockwellautomation 1 Connected Components Workbench 2023-12-10 6.9 MEDIUM 8.2 HIGH
Rockwell Automation Connected Components Workbench v12.00.00 and prior does not sanitize paths specified within the .ccwarc archive file during extraction. This type of vulnerability is also commonly referred to as a Zip Slip. A local, authenticated attacker can create a malicious .ccwarc archive file that, when opened by Connected Components Workbench, will allow the attacker to gain the privileges of the software. If the software is running at SYSTEM level, the attacker will gain admin level privileges. User interaction is required for this exploit to be successful.
CVE-2021-27468 1 Rockwellautomation 1 Factorytalk Assetcentre 2023-12-10 7.5 HIGH 9.8 CRITICAL
The AosService.rem service in Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier exposes functions lacking proper authentication. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary SQL statements.
CVE-2020-14502 1 Rockwellautomation 4 1734-aentr Point I\/o Dual Port Network Adaptor Series B, 1734-aentr Point I\/o Dual Port Network Adaptor Series B Firmware, 1734-aentr Point I\/o Dual Port Network Adaptor Series C and 1 more 2023-12-10 4.3 MEDIUM 6.1 MEDIUM
The web interface of the 1734-AENTR communication module is vulnerable to stored XSS. A remote, unauthenticated attacker could store a malicious script within the web interface that, when executed, could modify some string values on the homepage of the web interface.
CVE-2021-33012 1 Rockwellautomation 2 Micrologix 1100, Micrologix 1100 Firmware 2023-12-10 5.0 MEDIUM 8.6 HIGH
Rockwell Automation MicroLogix 1100, all versions, allows a remote, unauthenticated attacker sending specially crafted commands to cause the PLC to fault when the controller is switched to RUN mode, which results in a denial-of-service condition. If successfully exploited, this vulnerability will cause the controller to fault whenever the controller is switched to RUN mode.
CVE-2021-32926 1 Rockwellautomation 4 Micro800, Micro800 Firmware, Micrologix 1400 and 1 more 2023-12-10 5.0 MEDIUM 7.5 HIGH
When an authenticated password change request takes place, this vulnerability could allow the attacker to intercept the message that includes the legitimate, new password hash and replace it with an illegitimate hash. The user would no longer be able to authenticate to the controller (Micro800: All versions, MicroLogix 1400: Version 21 and later) causing a denial-of-service condition
CVE-2020-5806 1 Rockwellautomation 1 Factorytalk Linx 2023-12-10 2.1 LOW 5.5 MEDIUM
An attacker-controlled memory allocation size can be passed to the C++ new operator in the CServerManager::HandleBrowseLoadIconStreamRequest in messaging.dll. This can be done by sending a specially crafted message to 127.0.0.1:7153. Observed in FactoryTalk Linx 6.11. All versions of FactoryTalk Linx are affected.
CVE-2020-14516 1 Rockwellautomation 1 Factorytalk Services Platform 2023-12-10 7.5 HIGH 10.0 CRITICAL
In Rockwell Automation FactoryTalk Services Platform Versions 6.10.00 and 6.11.00, there is an issue with the implementation of the SHA-256 hashing algorithm with FactoryTalk Services Platform that prevents the user password from being hashed properly.
CVE-2020-6084 1 Rockwellautomation 1 Flex I\/o 1794-aent 2023-12-10 7.8 HIGH 7.5 HIGH
An exploitable denial of service vulnerability exists in the ENIP Request Path Logical Segment functionality of Allen-Bradley Flex IO 1794-AENT/B 4.003. A specially crafted network request can cause a loss of communications with the device resulting in denial-of-service. An attacker can send a malicious packet to trigger this vulnerability by sending an Electronic Key Segment with less bytes than required by the Key Format Table.
CVE-2020-5801 1 Rockwellautomation 1 Factorytalk Linx 2023-12-10 5.0 MEDIUM 7.5 HIGH
An attacker can craft and send an OpenNamespace message to port 4241 with valid session-id that triggers an unhandled exception in CFTLDManager::HandleRequest function in RnaDaSvr.dll, resulting in process termination. Observed in FactoryTalk Linx 6.11. All versions of FactoryTalk Linx are affected.
CVE-2020-27255 1 Rockwellautomation 1 Factorytalk Linx 2023-12-10 5.0 MEDIUM 7.5 HIGH
A heap overflow vulnerability exists within FactoryTalk Linx Version 6.11 and prior. This vulnerability could allow a remote, unauthenticated attacker to send malicious set attribute requests, which could result in the leaking of sensitive information. This information disclosure could lead to the bypass of address space layout randomization (ASLR).
CVE-2020-27267 4 Ge, Ptc, Rockwellautomation and 1 more 7 Industrial Gateway Server, Kepware Kepserverex, Opc-aggregator and 4 more 2023-12-10 6.4 MEDIUM 9.1 CRITICAL
KEPServerEX v6.0 to v6.9, ThingWorx Kepware Server v6.8 and v6.9, ThingWorx Industrial Connectivity (all versions), OPC-Aggregator (all versions), Rockwell Automation KEPServer Enterprise, GE Digital Industrial Gateway Server v7.68.804 and v7.66, and Software Toolbox TOP Server all 6.x versions, are vulnerable to a heap-based buffer overflow. Opening a specifically crafted OPC UA message could allow an attacker to crash the server and potentially leak data.
CVE-2020-27263 4 Ge, Ptc, Rockwellautomation and 1 more 7 Industrial Gateway Server, Kepware Kepserverex, Opc-aggregator and 4 more 2023-12-10 6.4 MEDIUM 9.1 CRITICAL
KEPServerEX: v6.0 to v6.9, ThingWorx Kepware Server: v6.8 and v6.9, ThingWorx Industrial Connectivity: All versions, OPC-Aggregator: All versions, Rockwell Automation KEPServer Enterprise, GE Digital Industrial Gateway Server: v7.68.804 and v7.66, Software Toolbox TOP Server: All 6.x versions, are vulnerable to a heap-based buffer overflow. Opening a specifically crafted OPC UA message could allow an attacker to crash the server and potentially leak data.