Filtered by vendor Rockwellautomation
Subscribe
Total
241 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-12093 | 1 Rockwellautomation | 2 Micrologix 1400, Micrologix 1400 B Firmware | 2023-01-28 | 5.0 MEDIUM | 5.3 MEDIUM |
| An exploitable insufficient resource pool vulnerability exists in the session communication functionality of Allen Bradley Micrologix 1400 Series B Firmware 21.2 and before. A specially crafted stream of packets can cause a flood of the session resource pool resulting in legitimate connections to the PLC being disconnected. An attacker can send unauthenticated packets to trigger this vulnerability. | |||||
| CVE-2017-14468 | 1 Rockwellautomation | 2 Micrologix 1400, Micrologix 1400 B Firmware | 2022-12-14 | 7.5 HIGH | 9.8 CRITICAL |
| An exploitable access control vulnerability exists in the data, program, and function file permissions functionality of Allen Bradley Micrologix 1400 Series B FRN 21.2 and before. A specially crafted packet can cause a read or write operation resulting in disclosure of sensitive information, modification of settings, or modification of ladder logic. An attacker can send unauthenticated packets to trigger this vulnerability. Required Keyswitch State: REMOTE or PROG Description: This ability is leveraged in a larger exploit to flash custom firmware. | |||||
| CVE-2017-14467 | 1 Rockwellautomation | 2 Micrologix 1400, Micrologix 1400 B Firmware | 2022-12-14 | 7.5 HIGH | 9.8 CRITICAL |
| An exploitable access control vulnerability exists in the data, program, and function file permissions functionality of Allen Bradley Micrologix 1400 Series B FRN 21.2 and before. A specially crafted packet can cause a read or write operation resulting in disclosure of sensitive information, modification of settings, or modification of ladder logic. An attacker can send unauthenticated packets to trigger this vulnerability. Required Keyswitch State: REMOTE Description: Live rung edits are able to be made by an unauthenticated user allowing for addition, deletion, or modification of existing ladder logic. Additionally, faults and cpu state modification can be triggered if specific ladder logic is used. | |||||
| CVE-2017-14465 | 1 Rockwellautomation | 2 Micrologix 1400, Micrologix 1400 B Firmware | 2022-12-14 | 7.5 HIGH | 9.8 CRITICAL |
| An exploitable access control vulnerability exists in the data, program, and function file permissions functionality of Allen Bradley Micrologix 1400 Series B FRN 21.2 and before. A specially crafted packet can cause a read or write operation resulting in disclosure of sensitive information, modification of settings, or modification of ladder logic. An attacker can send unauthenticated packets to trigger this vulnerability. Required Keyswitch State: REMOTE Description: Any input or output can be forced, causing unpredictable activity from the PLC. | |||||
| CVE-2017-14466 | 1 Rockwellautomation | 2 Micrologix 1400, Micrologix 1400 B Firmware | 2022-12-14 | 7.5 HIGH | 9.8 CRITICAL |
| An exploitable access control vulnerability exists in the data, program, and function file permissions functionality of Allen Bradley Micrologix 1400 Series B FRN 21.2 and before. A specially crafted packet can cause a read or write operation resulting in disclosure of sensitive information, modification of settings, or modification of ladder logic. An attacker can send unauthenticated packets to trigger this vulnerability. Required Keyswitch State: REMOTE or PROG Description: The filetype 0x03 allows users write access, allowing the ability to overwrite the Master Password value stored in the file. | |||||
| CVE-2017-14464 | 1 Rockwellautomation | 2 Micrologix 1400, Micrologix 1400 B Firmware | 2022-12-14 | 7.5 HIGH | 9.8 CRITICAL |
| An exploitable access control vulnerability exists in the data, program, and function file permissions functionality of Allen Bradley Micrologix 1400 Series B FRN 21.2 and before. A specially crafted packet can cause a read or write operation resulting in disclosure of sensitive information, modification of settings, or modification of ladder logic. An attacker can send unauthenticated packets to trigger this vulnerability.Required Keyswitch State: REMOTE or PROG Associated Fault Code: 0001 Fault Type: Non-User Description: A fault state can be triggered by setting the NVRAM/memory module user program mismatch bit (S2:9) when a memory module is NOT installed. | |||||
| CVE-2017-14463 | 1 Rockwellautomation | 2 Micrologix 1400, Micrologix 1400 B Firmware | 2022-12-14 | 7.5 HIGH | 9.8 CRITICAL |
| An exploitable access control vulnerability exists in the data, program, and function file permissions functionality of Allen Bradley Micrologix 1400 Series B FRN 21.2 and before. A specially crafted packet can cause a read or write operation resulting in disclosure of sensitive information, modification of settings, or modification of ladder logic. An attacker can send unauthenticated packets to trigger this vulnerability. Required Keyswitch State: REMOTE or PROG Associated Fault Code: 0012 Fault Type: Non-User Description: A fault state can be triggered by overwriting the ladder logic data file (type 0x22 number 0x02) with null values. | |||||
| CVE-2017-14462 | 1 Rockwellautomation | 2 Micrologix 1400, Micrologix 1400 B Firmware | 2022-12-14 | 7.5 HIGH | 9.8 CRITICAL |
| An exploitable access control vulnerability exists in the data, program, and function file permissions functionality of Allen Bradley Micrologix 1400 Series B FRN 21.2 and before. A specially crafted packet can cause a read or write operation resulting in disclosure of sensitive information, modification of settings, or modification of ladder logic. An attacker can send unauthenticated packets to trigger this vulnerability. Required Keyswitch State: REMOTE or PROG (also RUN for some) Description: Allows an attacker to enable SNMP, Modbus, DNP, and any other features in the channel configuration. Also allows attackers to change network parameters, such as IP address, name server, and domain name. | |||||
| CVE-2021-32926 | 1 Rockwellautomation | 4 Micro800, Micro800 Firmware, Micrologix 1400 and 1 more | 2022-10-25 | 5.0 MEDIUM | 7.5 HIGH |
| When an authenticated password change request takes place, this vulnerability could allow the attacker to intercept the message that includes the legitimate, new password hash and replace it with an illegitimate hash. The user would no longer be able to authenticate to the controller (Micro800: All versions, MicroLogix 1400: Version 21 and later) causing a denial-of-service condition | |||||
| CVE-2020-25184 | 3 Rockwellautomation, Schneider-electric, Xylem | 31 Aadvance Controller, Isagraf Free Runtime, Isagraf Runtime and 28 more | 2022-10-21 | 2.1 LOW | 5.5 MEDIUM |
| Rockwell Automation ISaGRAF Runtime Versions 4.x and 5.x stores the password in plaintext in a file that is in the same directory as the executable file. ISaGRAF Runtime reads the file and saves the data in a variable without any additional modification. A local, unauthenticated attacker could compromise the user passwords, resulting in information disclosure. | |||||
| CVE-2022-3158 | 1 Rockwellautomation | 1 Factorytalk Vantagepoint | 2022-10-20 | N/A | 8.8 HIGH |
| Rockwell Automation FactoryTalk VantagePoint versions 8.0, 8.10, 8.20, 8.30, 8.31 are vulnerable to an input validation vulnerability. The FactoryTalk VantagePoint SQL Server lacks input validation when users enter SQL statements to retrieve information from the back-end database. If successfully exploited, this could allow a user with basic user privileges to perform remote code execution on the server. | |||||
| CVE-2022-38743 | 1 Rockwellautomation | 1 Factorytalk Vantagepoint | 2022-10-19 | N/A | 8.8 HIGH |
| Rockwell Automation FactoryTalk VantagePoint versions 8.0, 8.10, 8.20, 8.30, 8.31 are vulnerable to an improper access control vulnerability. The FactoryTalk VantagePoint SQL Server account could allow a malicious user with read-only privileges to execute SQL statements in the back-end database. If successfully exploited, this could allow the attacker to execute arbitrary code and gain access to restricted data. | |||||
| CVE-2022-38742 | 1 Rockwellautomation | 1 Thinmanager | 2022-09-26 | N/A | 9.8 CRITICAL |
| Rockwell Automation ThinManager ThinServer versions 11.0.0 - 13.0.0 is vulnerable to a heap-based buffer overflow. An attacker could send a specifically crafted TFTP or HTTPS request, causing a heap-based buffer overflow that crashes the ThinServer process. If successfully exploited, this could expose the server to arbitrary remote code execution. | |||||
| CVE-2020-6088 | 1 Rockwellautomation | 2 Flex Io 1794-aent\/b, Flex Io 1794-aent\/b Firmware | 2022-08-31 | 5.0 MEDIUM | 7.5 HIGH |
| An exploitable denial of service vulnerability exists in the ENIP Request Path Network Segment functionality of Allen-Bradley Flex IO 1794-AENT/B 4.003. A specially crafted network request can cause a loss of communications with the device resulting in denial-of-service. An attacker can send a malicious packet to trigger this vulnerability. | |||||
| CVE-2022-2465 | 1 Rockwellautomation | 1 Isagraf Workbench | 2022-08-27 | N/A | 7.8 HIGH |
| Rockwell Automation ISaGRAF Workbench software versions 6.0 through 6.6.9 are affected by a Deserialization of Untrusted Data vulnerability. ISaGRAF Workbench does not limit the objects that can be deserialized. This vulnerability allows attackers to craft a malicious serialized object that, if opened by a local user in ISaGRAF Workbench, may result in remote code execution. This vulnerability requires user interaction to be successfully exploited. | |||||
| CVE-2022-2464 | 1 Rockwellautomation | 1 Isagraf Workbench | 2022-08-27 | N/A | 7.8 HIGH |
| Rockwell Automation ISaGRAF Workbench software versions 6.0 through 6.6.9 are affected by a Path Traversal vulnerability. Crafted malicious files can allow an attacker to traverse the file system when opened by ISaGRAF Workbench. If successfully exploited, an attacker could overwrite existing files and create additional files with the same permissions of the ISaGRAF Workbench software. User interaction is required for this exploit to be successful. | |||||
| CVE-2022-2463 | 1 Rockwellautomation | 1 Isagraf Workbench | 2022-08-27 | N/A | 7.8 HIGH |
| Rockwell Automation ISaGRAF Workbench software versions 6.0 through 6.6.9 are affected by a Path Traversal vulnerability. A crafted malicious .7z exchange file may allow an attacker to gain the privileges of the ISaGRAF Workbench software when opened. If the software is running at the SYSTEM level, then the attacker will gain admin level privileges. User interaction is required for this exploit to be successful. | |||||
| CVE-2010-2965 | 2 Rockwellautomation, Windriver | 3 1756-enbt\/a, 1756-enbt\/a Firmware, Vxworks | 2022-08-05 | 10.0 HIGH | N/A |
| The WDB target agent debug service in Wind River VxWorks 6.x, 5.x, and earlier, as used on the Rockwell Automation 1756-ENBT series A with firmware 3.2.6 and 3.6.1 and other products, allows remote attackers to read or modify arbitrary memory locations, perform function calls, or manage tasks via requests to UDP port 17185, a related issue to CVE-2005-3804. | |||||
| CVE-2020-6998 | 1 Rockwellautomation | 18 Armor Compact Guardlogix 5370, Armor Compact Guardlogix 5370 Firmware, Compact Guardlogix 5370 and 15 more | 2022-08-04 | N/A | 8.6 HIGH |
| The connection establishment algorithm found in Rockwell Automation CompactLogix 5370 and ControlLogix 5570 versions 33 and prior does not sufficiently manage its control flow during execution, creating an infinite loop. This may allow an attacker to send specially crafted CIP packet requests to a controller, which may cause denial-of-service conditions in communications with other products. | |||||
| CVE-2021-27474 | 1 Rockwellautomation | 1 Factorytalk Assetcentre | 2022-07-29 | 5.0 MEDIUM | 7.5 HIGH |
| Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier does not properly restrict all functions relating to IIS remoting services. This vulnerability may allow a remote, unauthenticated attacker to modify sensitive data in FactoryTalk AssetCentre. | |||||