Filtered by vendor Rockwellautomation
Subscriptions
Total
352 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-45823 | 1 Rockwellautomation | 1 Factorytalk Batch View | 2024-10-02 | 8.1 High |
| CVE-2024-45823 IMPACT An authentication bypass vulnerability exists in the affected product. The vulnerability exists due to shared secrets across accounts and could allow a threat actor to impersonate a user if the threat actor is able to enumerate additional information required during authentication. | ||||
| CVE-2024-45825 | 1 Rockwellautomation | 2 5015-u8ihft, 5015-u8ihft Firmware | 2024-10-02 | 7.5 High |
| CVE-2024-45825 IMPACT A denial-of-service vulnerability exists in the affected products. The vulnerability occurs when a malformed CIP packet is sent over the network to the device and results in a major nonrecoverable fault causing a denial-of-service. | ||||
| CVE-2024-45826 | 1 Rockwellautomation | 1 Thinmanager | 2024-10-02 | 6.8 Medium |
| CVE-2024-45826 IMPACT Due to improper input validation, a path traversal and remote code execution vulnerability exists when the ThinManager® processes a crafted POST request. If exploited, a user can install an executable file. | ||||
| CVE-2024-6077 | 1 Rockwellautomation | 18 1756-en4, 1756-en4 Firmware, Compact Guardlogix 5380 Sil2 Firmware and 15 more | 2024-09-19 | 7.5 High |
| A denial-of-service vulnerability exists in the Rockwell Automation affected products when specially crafted packets are sent to the CIP Security Object. If exploited the device will become unavailable and require a factory reset to recover. | ||||
| CVE-2024-8533 | 1 Rockwellautomation | 6 2800c Optixpanel Compact, 2800c Optixpanel Compact Firmware, 2800s Optixpanel Standard and 3 more | 2024-09-19 | 8.8 High |
| A privilege escalation vulnerability exists in the Rockwell Automation affected products. The vulnerability occurs due to improper default file permissions allowing users to exfiltrate credentials and escalate privileges. | ||||
| CVE-2024-7960 | 1 Rockwellautomation | 1 Pavilion8 | 2024-09-19 | 9.1 Critical |
| The Rockwell Automation affected product contains a vulnerability that allows a threat actor to view sensitive information and change settings. The vulnerability exists due to having an incorrect privilege matrix that allows users to have access to functions they should not. | ||||
| CVE-2024-7961 | 1 Rockwellautomation | 1 Pavilion8 | 2024-09-19 | 9.8 Critical |
| A path traversal vulnerability exists in the Rockwell Automation affected product. If exploited, the threat actor could upload arbitrary files to the server that could result in a remote code execution. | ||||
| CVE-2024-6079 | 1 Rockwellautomation | 1 Emulate3d | 2024-08-21 | N/A |
| A vulnerability exists in the Rockwell Automation Emulate3D™, which could be leveraged to execute a DLL Hijacking attack. The application loads shared libraries, which are readable and writable by any user. If exploited, a malicious user could leverage a malicious dll and perform a remote code execution attack. | ||||
| CVE-2024-6078 | 1 Rockwellautomation | 1 Datamosaix | 2024-08-19 | N/A |
| CVE-2024-6078 IMPACT An improper authentication vulnerability exists in the affected product, which could allow a malicious user to generate cookies for any user ID without the use of a username or password. If exploited, a malicious user could take over the account of a legitimate user. The malicious user would be able to view and modify data stored in the cloud. | ||||
| CVE-2024-7507 | 1 Rockwellautomation | 5 Compact Guardlogix 5380 Firmware, Compactlogix 5480 Firmware, Controllogix 5380 Firmware and 2 more | 2024-08-15 | N/A |
| CVE-2024-7507 IMPACT A denial-of-service vulnerability exists in the affected products. This vulnerability occurs when a malformed PCCC message is received, causing a fault in the controller. | ||||
| CVE-2024-7515 | 1 Rockwellautomation | 5 Compact Guardlogix 5380 Firmware, Compactlogix 5380 Firmware, Compactlogix 5480 Firmware and 2 more | 2024-08-15 | N/A |
| CVE-2024-7515 IMPACT A denial-of-service vulnerability exists in the affected products. A malformed PTP management packet can cause a major nonrecoverable fault in the controller. | ||||
| CVE-2024-7567 | 1 Rockwellautomation | 2 Micro850 Firmware, Micro870 Firmware | 2024-08-14 | N/A |
| A denial-of-service vulnerability exists via the CIP/Modbus port in the Rockwell Automation Micro850/870 (2080 -L50E/2080 -L70E). If exploited, the CIP/Modbus communication may be disrupted for short duration. | ||||