Vulnerabilities (CVE)

Filtered by vendor Rockwellautomation Subscribe

Filtered by product Compact Guardlogix 5380 Firmware

Total 4 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2022-3752	1 Rockwellautomation	10 Compact Guardlogix 5380, Compact Guardlogix 5380 Firmware, Compactlogix 5380 and 7 more	2023-12-10	N/A	7.5 HIGH
An unauthorized user could use a specially crafted sequence of Ethernet/IP messages, combined with heavy traffic loading to cause a denial-of-service condition in Rockwell Automation Logix controllers resulting in a major non-recoverable fault. If the target device becomes unavailable, a user would have to clear the fault and redownload the user project file to bring the device back online and continue normal operation.
CVE-2022-3157	1 Rockwellautomation	12 Compact Guardlogix 5370, Compact Guardlogix 5370 Firmware, Compact Guardlogix 5380 and 9 more	2023-12-10	N/A	7.5 HIGH
A vulnerability exists in the Rockwell Automation controllers that allows a malformed CIP request to cause a major non-recoverable fault (MNRF) and a denial-of-service condition (DOS).
CVE-2022-1161	1 Rockwellautomation	48 Compact Guardlogix 5370, Compact Guardlogix 5370 Firmware, Compact Guardlogix 5380 and 45 more	2023-12-10	7.5 HIGH	9.8 CRITICAL
An attacker with the ability to modify a user program may change user program code on some ControlLogix, CompactLogix, and GuardLogix Control systems. Studio 5000 Logix Designer writes user-readable program code to a separate location than the executed compiled code, allowing an attacker to change one and not the other.
CVE-2022-1159	1 Rockwellautomation	10 Compact Guardlogix 5380, Compact Guardlogix 5380 Firmware, Compactlogix 5380 and 7 more	2023-12-10	6.5 MEDIUM	7.2 HIGH
Rockwell Automation Studio 5000 Logix Designer (all versions) are vulnerable when an attacker who achieves administrator access on a workstation running Studio 5000 Logix Designer could inject controller code undetectable to a user.