Filtered by vendor Rockwellautomation
Subscribe
Total
258 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-38742 | 1 Rockwellautomation | 1 Thinmanager | 2024-02-28 | N/A | 9.8 CRITICAL |
Rockwell Automation ThinManager ThinServer versions 11.0.0 - 13.0.0 is vulnerable to a heap-based buffer overflow. An attacker could send a specifically crafted TFTP or HTTPS request, causing a heap-based buffer overflow that crashes the ThinServer process. If successfully exploited, this could expose the server to arbitrary remote code execution. | |||||
CVE-2022-2463 | 1 Rockwellautomation | 1 Isagraf Workbench | 2024-02-28 | N/A | 7.8 HIGH |
Rockwell Automation ISaGRAF Workbench software versions 6.0 through 6.6.9 are affected by a Path Traversal vulnerability. A crafted malicious .7z exchange file may allow an attacker to gain the privileges of the ISaGRAF Workbench software when opened. If the software is running at the SYSTEM level, then the attacker will gain admin level privileges. User interaction is required for this exploit to be successful. | |||||
CVE-2022-2464 | 1 Rockwellautomation | 1 Isagraf Workbench | 2024-02-28 | N/A | 7.8 HIGH |
Rockwell Automation ISaGRAF Workbench software versions 6.0 through 6.6.9 are affected by a Path Traversal vulnerability. Crafted malicious files can allow an attacker to traverse the file system when opened by ISaGRAF Workbench. If successfully exploited, an attacker could overwrite existing files and create additional files with the same permissions of the ISaGRAF Workbench software. User interaction is required for this exploit to be successful. | |||||
CVE-2022-2465 | 1 Rockwellautomation | 1 Isagraf Workbench | 2024-02-28 | N/A | 7.8 HIGH |
Rockwell Automation ISaGRAF Workbench software versions 6.0 through 6.6.9 are affected by a Deserialization of Untrusted Data vulnerability. ISaGRAF Workbench does not limit the objects that can be deserialized. This vulnerability allows attackers to craft a malicious serialized object that, if opened by a local user in ISaGRAF Workbench, may result in remote code execution. This vulnerability requires user interaction to be successfully exploited. | |||||
CVE-2022-38744 | 1 Rockwellautomation | 1 Factorytalk Alarms And Events | 2024-02-28 | N/A | 7.5 HIGH |
An unauthenticated attacker with network access to a victim's Rockwell Automation FactoryTalk Alarm and Events service could open a connection, causing the service to fault and become unavailable. The affected port could be used as a server ping port and uses messages structured with XML. | |||||
CVE-2022-38743 | 1 Rockwellautomation | 1 Factorytalk Vantagepoint | 2024-02-28 | N/A | 8.8 HIGH |
Rockwell Automation FactoryTalk VantagePoint versions 8.0, 8.10, 8.20, 8.30, 8.31 are vulnerable to an improper access control vulnerability. The FactoryTalk VantagePoint SQL Server account could allow a malicious user with read-only privileges to execute SQL statements in the back-end database. If successfully exploited, this could allow the attacker to execute arbitrary code and gain access to restricted data. | |||||
CVE-2021-27470 | 1 Rockwellautomation | 1 Factorytalk Assetcentre | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
A deserialization vulnerability exists in how the LogService.rem service in Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier verifies serialized data. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary commands in FactoryTalk AssetCentre. | |||||
CVE-2021-27466 | 1 Rockwellautomation | 1 Factorytalk Assetcentre | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
A deserialization vulnerability exists in how the ArchiveService.rem service in Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier verifies serialized data. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary commands in FactoryTalk AssetCentre. | |||||
CVE-2021-27460 | 1 Rockwellautomation | 1 Factorytalk Assetcentre | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier components contain .NET remoting endpoints that deserialize untrusted data without sufficiently verifying that the resulting data will be valid. This vulnerability may allow a remote, unauthenticated attacker to gain full access to the FactoryTalk AssetCentre main server and all agent machines. | |||||
CVE-2022-1161 | 1 Rockwellautomation | 48 Compact Guardlogix 5370, Compact Guardlogix 5370 Firmware, Compact Guardlogix 5380 and 45 more | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
An attacker with the ability to modify a user program may change user program code on some ControlLogix, CompactLogix, and GuardLogix Control systems. Studio 5000 Logix Designer writes user-readable program code to a separate location than the executed compiled code, allowing an attacker to change one and not the other. | |||||
CVE-2021-27462 | 1 Rockwellautomation | 1 Factorytalk Assetcentre | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
A deserialization vulnerability exists in how the AosService.rem service in Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier verifies serialized data. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary commands in FactoryTalk AssetCentre. | |||||
CVE-2021-27464 | 1 Rockwellautomation | 1 Factorytalk Assetcentre | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
The ArchiveService.rem service in Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier exposes functions lacking proper authentication. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary SQL statements. | |||||
CVE-2020-14478 | 1 Rockwellautomation | 1 Factorytalk Services Platform | 2024-02-28 | 5.6 MEDIUM | 7.1 HIGH |
A local, authenticated attacker could use an XML External Entity (XXE) attack to exploit weakly configured XML files to access local or remote content. A successful exploit could potentially cause a denial-of-service condition and allow the attacker to arbitrarily read any local file via system-level services. | |||||
CVE-2020-25180 | 3 Rockwellautomation, Schneider-electric, Xylem | 31 Aadvance Controller, Isagraf Free Runtime, Isagraf Runtime and 28 more | 2024-02-28 | 4.3 MEDIUM | 6.5 MEDIUM |
Rockwell Automation ISaGRAF Runtime Versions 4.x and 5.x includes the functionality of setting a password that is required to execute privileged commands. The password value passed to ISaGRAF Runtime is the result of encryption performed with a fixed key value using the tiny encryption algorithm (TEA) on an entered or saved password. A remote, unauthenticated attacker could pass their own encrypted password to the ISaGRAF 5 Runtime, which may result in information disclosure on the device. | |||||
CVE-2022-1018 | 1 Rockwellautomation | 3 Connected Components Workbench, Isagraf, Safety Instrumented Systems Workstation | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
When opening a malicious solution file provided by an attacker, the application suffers from an XML external entity vulnerability due to an unsafe call within a dynamic link library file. An attacker could exploit this to pass data from local files to a remote web server, leading to a loss of confidentiality. | |||||
CVE-2020-14504 | 1 Rockwellautomation | 4 1734-aentr Point I\/o Dual Port Network Adaptor Series B, 1734-aentr Point I\/o Dual Port Network Adaptor Series B Firmware, 1734-aentr Point I\/o Dual Port Network Adaptor Series C and 1 more | 2024-02-28 | 5.0 MEDIUM | 5.3 MEDIUM |
The web interface of the 1734-AENTR communication module mishandles authentication for HTTP POST requests. A remote, unauthenticated attacker can send a crafted request that may allow for modification of the configuration settings. | |||||
CVE-2021-27473 | 1 Rockwellautomation | 1 Connected Components Workbench | 2024-02-28 | 6.9 MEDIUM | 8.2 HIGH |
Rockwell Automation Connected Components Workbench v12.00.00 and prior does not sanitize paths specified within the .ccwarc archive file during extraction. This type of vulnerability is also commonly referred to as a Zip Slip. A local, authenticated attacker can create a malicious .ccwarc archive file that, when opened by Connected Components Workbench, will allow the attacker to gain the privileges of the software. If the software is running at SYSTEM level, the attacker will gain admin level privileges. User interaction is required for this exploit to be successful. | |||||
CVE-2021-27471 | 1 Rockwellautomation | 1 Connected Components Workbench | 2024-02-28 | 6.8 MEDIUM | 8.6 HIGH |
The parsing mechanism that processes certain file types does not provide input sanitization for file paths. This may allow an attacker to craft malicious files that, when opened by Rockwell Automation Connected Components Workbench v12.00.00 and prior, can traverse the file system. If successfully exploited, an attacker could overwrite existing files and create additional files with the same permissions of the Connected Components Workbench software. User interaction is required for this exploit to be successful. | |||||
CVE-2021-27476 | 1 Rockwellautomation | 1 Factorytalk Assetcentre | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
A vulnerability exists in the SaveConfigFile function of the RACompare Service, which may allow for OS command injection. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary commands in Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier. | |||||
CVE-2021-27468 | 1 Rockwellautomation | 1 Factorytalk Assetcentre | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
The AosService.rem service in Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier exposes functions lacking proper authentication. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary SQL statements. |