Loading

Rockwell Automation Security Advisories

We investigate all internally and externally reported security issues and publish security advisories for all validated security vulnerabilities. These advisories allow our customers and partners to assess the impact of the vulnerabilities and take appropriate action.
Have a Security Concern? SIGN UP FOR ALERTS
VULNERABILITY POLICY

Welcome to the new Rockwell Automation Security Advisory portal. Click here to read more about our security advisory initiative.

We recently relocated all security advisories to this public-facing Security Advisory Portal, which is part of Rockwell Automation’s Trust Center. In the past, our security advisories were stored in the Rockwell Automation Knowledgebase and required authentication to obtain access. This new portal gives customers and partners easier access to advisories, which enables them to better manage the security posture of Rockwell Automation solutions.

Our new Security Advisory Portal includes search and filter functionality, enabling customers to more easily find advisories on their products. Security advisories now include Common Security Advisory Framework 2.0 (CSAF) content, a standard that supports automated security advisory ingestion and helps customers intake vulnerability management data faster. Our security advisories also include Known Exploited Vulnerability (KEV)

data. The US Cybersecurity & Infrastructure Security Agency (CISA) maintains the authoritative source of vulnerabilities exploited in the wild and lists exploited vulnerabilities in the (KEV) catalog. We strongly encourage customers to use this information to prioritize remediation efforts within their vulnerability management processes.

These changes support our commitment to security and transparency. The legacy Industrial Security Advisory Index page in the Knowledgebase will remain accessible through mid-2024 to allow customers time to transition to the new portal. Customers will continue to receive email alerts based on their subscription preferences and can subscribe for alerts using the link on the Security Advisory portal.
Ordenar y filtrar
CloseClose
CloseClose

Filtrar y refinar

263 Results

Mostrando
1
-
15
de
263
Resultados
  • Alphabetical (A-Z)
  • Alphabetical (Z-A)
  • Most Recent
  • Oldest
Most Recent
SearchSearch
Ordenar por
Fecha de publicación
Fecha de la última actualización
CVSS Score
Producto
SearchSearch
Known Exploited Vulnerability (KEV)
Corrected
Workaround
Products Affected
SearchSearch
Filtrar resultados
Mostrando
1
-
15
de
263
Resultados
High
SD1727 | Local Privilege Escalation and denial-of-service Vulnerability in ThinManager®
Published Date:
April 15, 2025
Last Updated:
April 23, 2025
CVE IDs:
CVE-2025-3617 , CVE-2025-3618
CVSS Scores (v3.1):
7.8
CVSS Scores (v4.0):
8.5
Known Exploited Vulnerability (KEV):
No
Corrected:
Yes
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
SD1726 | Local Code Execution Vulnerabilities in Arena®
Published Date:
April 07, 2025
Last Updated:
April 07, 2025
CVE IDs:
CVE-2025-2285, CVE-2025-2286, CVE-2025-2287, CVE-2025-2288, CVE-2025-2293, CVE-2025-2829, CVE-2025-3285, CVE-2025-3286, CVE-2025-3287, CVE-2025-3288, CVE-2025-3289
CVSS Scores (v3.1):
7.8
CVSS Scores (v4.0):
8.5
Known Exploited Vulnerability (KEV):
No
Corrected:
Yes
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
SD1725 | Third-party Local Code Execution Vulnerability in 440G TLS-Z
Published Date:
March 24, 2025
Last Updated:
March 24, 2025
CVE IDs:
CVE 2020-27212
Products:
440G TLS-Z
CVSS Scores (v3.1):
7.0
CVSS Scores (v4.0):
7.3
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
Yes
Más información Less Details Chevron DownChevron Down
Critical
SD1724 | Lifecycle Services with Veeam Backup and Replication are Vulnerable to third-party Vulnerabilities
Published Date:
March 21, 2025
Last Updated:
March 21, 2025
CVE IDs:
CVE-2025-23120
CVSS Scores (v3.1):
9.9
CVSS Scores (v4.0):
9.4
Known Exploited Vulnerability (KEV):
No
Corrected:
Yes
Workaround:
Yes
Más información Less Details Chevron DownChevron Down
Critical
SD1723 | Admin Shell Access Vulnerability in Verve Asset Manager
Published Date:
March 20, 2025
Last Updated:
March 20, 2025
CVE IDs:
CVE-2025-1449
CVSS Scores (v3.1):
9.1
CVSS Scores (v4.0):
8.9
Known Exploited Vulnerability (KEV):
No
Corrected:
Yes
Workaround:
No
Más información Less Details Chevron DownChevron Down
Critical
SD1722 | Lifecycle Services with VMware are Vulnerable to third-party Vulnerabilities
Published Date:
March 07, 2025
Last Updated:
March 07, 2025
CVE IDs:
CVE-2025-22224, CVE-2025-22225, CVE-2025-22226
CVSS Scores (v3.1):
9.3, 8.2, 7.1
CVSS Scores (v4.0):
9.4, 9.3, 8..2
Known Exploited Vulnerability (KEV):
Yes
Corrected:
Yes
Workaround:
Yes
Más información Less Details Chevron DownChevron Down
Critical
SD1721 | FactoryTalk® AssetCentre Multiple Vulnerabilities
Published Date:
January 29, 2025
Last Updated:
January 29, 2025
CVE IDs:
CVE-2025-0477 , CVE-2025-0497, CVE-2025-0498
CVSS Scores (v3.1):
9.8, 7.0, 7.8
CVSS Scores (v4.0):
9.3, 7.3, 7.0
Known Exploited Vulnerability (KEV):
No
Corrected:
Yes
Workaround:
Yes
Más información Less Details Chevron DownChevron Down
Critical
SD1715 | Path Traversal and Third-party Vulnerability in DataMosaix™ Private Cloud
Published Date:
January 28, 2025
Last Updated:
January 28, 2025
CVE IDs:
CVE-2025-0659, CVE-2020-11656
CVSS Scores (v3.1):
5.5, 9.8
CVSS Scores (v4.0):
7.0, 9.3
Known Exploited Vulnerability (KEV):
No
Corrected:
Yes
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
SD1718 | 5380/5580 Denial-of-Service Vulnerability
Published Date:
January 28, 2025
Last Updated:
January 30, 2025
CVE IDs:
CVE-2025-24478
CVSS Scores (v3.1):
6.5
CVSS Scores (v4.0):
7.1
Known Exploited Vulnerability (KEV):
No
Corrected:
Yes
Workaround:
Yes
Más información Less Details Chevron DownChevron Down
High
SD1720 | FactoryTalk® View Site Edition Multiple Vulnerabilities
Published Date:
January 28, 2025
Last Updated:
January 28, 2025
CVE IDs:
CVE-2025-24481, CVE-2025-24482
CVSS Scores (v3.1):
7.3
CVSS Scores (v4.0):
7.0
Known Exploited Vulnerability (KEV):
No
Corrected:
Yes
Workaround:
Yes
Más información Less Details Chevron DownChevron Down
Critical
SD1719 | FactoryTalk® View Machine Edition Multiple Vulnerabilities
Published Date:
January 28, 2025
Last Updated:
February 05, 2025
CVE IDs:
CVE-2025-24479, CVE-2025-24480
CVSS Scores (v3.1):
8.4, 9.8
CVSS Scores (v4.0):
8.6, 9.3
Known Exploited Vulnerability (KEV):
No
Corrected:
Yes
Workaround:
Yes
Más información Less Details Chevron DownChevron Down
High
SD1717 | PowerFlex® 755 Credential Exposure Vulnerability
Published Date:
January 28, 2025
Last Updated:
January 28, 2025
CVE IDs:
CVE-2025-0631
Products:
PowerFlex 755
CVSS Scores (v3.1):
7.5
CVSS Scores (v4.0):
8.7
Known Exploited Vulnerability (KEV):
No
Corrected:
Yes
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
SD1716 | KEPServer Denial-of-Service Vulnerability Found During Pwn2Own Competition
Published Date:
January 28, 2025
Last Updated:
January 28, 2025
CVE IDs:
CVE-2023-3825
Products:
KEPServer
CVSS Scores (v3.1):
7.5
Known Exploited Vulnerability (KEV):
No
Corrected:
Yes
Workaround:
No
Más información Less Details Chevron DownChevron Down
Critical
SD1714 | PowerMonitor™ 1000 Remote Code Execution and denial-of-service Vulnerabilities via HTTP protocol
Published Date:
December 17, 2024
Last Updated:
December 17, 2024
CVE IDs:
CVE-2024-12371 , CVE-2024-12372 , CVE-2024-12373
CVSS Scores (v3.1):
9.8, 9.8, 9.8
CVSS Scores (v4.0):
9.3, 9.3, 9.3
Known Exploited Vulnerability (KEV):
No
Corrected:
Yes
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
SD1713 | Multiple Code Execution Vulnerabilities in Arena®
Published Date:
December 04, 2024
Last Updated:
December 19, 2024
CVE IDs:
CVE-2024-11155 , CVE-2024-11156 , CVE-2024-11158 , CVE-2024 -12130 , CVE-2024-11157, CVE-2024-12672, CVE-2024-11364, CVE-2024-12175
CVSS Scores (v3.1):
7.8
CVSS Scores (v4.0):
8.5
Known Exploited Vulnerability (KEV):
No
Corrected:
Yes
Workaround:
Yes
Más información Less Details Chevron DownChevron Down
High
SD1712 | Third Party Remote Code Execution Vulnerability in Verve Reporting
Published Date:
November 14, 2024
Last Updated:
November 14, 2024
CVE IDs:
CVE-2024-37287
CVSS Scores (v3.1):
7.2
CVSS Scores (v4.0):
8.6
Known Exploited Vulnerability (KEV):
No
Corrected:
Yes
Workaround:
Yes
Más información Less Details Chevron DownChevron Down
High
SD1711 | Input Validation Vulnerability exists in Arena® Input Analyzer
Published Date:
November 14, 2024
Last Updated:
November 13, 2024
CVE IDs:
CVE-2024-6068
Products:
Arena® Input Analyzer
CVSS Scores (v3.1):
7.3
CVSS Scores (v4.0):
7.0
Revision Number:
1.0
Known Exploited Vulnerability (KEV):
No
Corrected:
Yes
Workaround:
No
Más información Less Details Chevron DownChevron Down
Critical
SD1710 | FactoryTalk® Updater Multiple Vulnerabilities
Published Date:
November 12, 2024
Last Updated:
November 12, 2024
CVE IDs:
CVE-2024-10943, CVE-2024-10944, CVE-2024-10945
Products:
FactoryTalk Updater
CVSS Scores (v3.1):
9.1, 8.4, 7.3
CVSS Scores (v4.0):
9.1, 7.1, 7.0
Known Exploited Vulnerability (KEV):
No
Corrected:
Yes
Workaround:
Yes
Más información Less Details Chevron DownChevron Down
High
SD1709 | FactoryTalk View ME Remote Code Execution Vulnerability via Project Save Path
Published Date:
November 12, 2024
Last Updated:
November 12, 2024
CVE IDs:
CVE-2024-37365
Products:
FactoryTalk View Machine Edition
CVSS Scores (v3.1):
7.3
CVSS Scores (v4.0):
7.0
Known Exploited Vulnerability (KEV):
No
Corrected:
Yes
Workaround:
Yes
Más información Less Details Chevron DownChevron Down
Critical
SD1708 | ThinManager® Multiple Vulnerabilities
Published Date:
October 25, 2024
Last Updated:
October 25, 2024
CVE IDs:
CVE-2024-10386, CVE-2024-10387
Products:
FactoryTalk ThinManager
CVSS Scores (v3.1):
9.8, 7.5
CVSS Scores (v4.0):
9.3, 8.7
Revision Number:
1
Known Exploited Vulnerability (KEV):
No
Corrected:
Yes
Workaround:
Yes
Más información Less Details Chevron DownChevron Down
High
SD1707 | ControlLogix Vulnerable to Denial of Service via CIP Messages
Published Date:
October 10, 2024
Last Updated:
October 10, 2024
CVE IDs:
CVE-2024-6207
CVSS Scores (v3.1):
7.5
CVSS Scores (v4.0):
8.7
Revision Number:
1.0
Known Exploited Vulnerability (KEV):
No
Corrected:
Yes
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
SD1705 | PowerFlex 6000T CIP Security denial-of-service Vulnerability
Published Date:
October 07, 2024
Last Updated:
October 07, 2024
CVE IDs:
CVE-2024-9124
CVSS Scores (v3.1):
7.5
CVSS Scores (v4.0):
8.2
Known Exploited Vulnerability (KEV):
No
Corrected:
Yes
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
SD1706 | Logix Controllers Vulnerable to Denial-of-Service Vulnerability
Published Date:
October 07, 2024
Last Updated:
October 10, 2024
CVE IDs:
CVE-2024-8626
CVSS Scores (v3.1):
7.5
CVSS Scores (v4.0):
8.7
Revision Number:
2
Known Exploited Vulnerability (KEV):
No
Corrected:
Yes
Workaround:
No
Más información Less Details Chevron DownChevron Down
Medium
SD1704 | Improper Authorization Vulnerability in Verve® Asset Manager
Published Date:
October 04, 2024
Last Updated:
October 04, 2024
CVE IDs:
CVE-2024-9412
CVSS Scores (v3.1):
6.8
CVSS Scores (v4.0):
8.4
Known Exploited Vulnerability (KEV):
No
Corrected:
Yes
Workaround:
No
Más información Less Details Chevron DownChevron Down
Critical
SD1703 | DataMosaix™ Private Cloud third-party Vulnerabilities
Published Date:
October 04, 2024
Last Updated:
October 04, 2024
CVE IDs:
CVE-2019-14855, CVE-2019-17543, CVE-2019-18276, CVE-2019-19244, CVE-2019-989, CVE-2019-9923
CVSS Scores (v3.1):
7.5, 8.1, 7.8, 7.5, 9.8, 7.5
CVSS Scores (v4.0):
9.3, 8.7, 9.3, 8.7
Known Exploited Vulnerability (KEV):
No
Corrected:
Yes
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
SD1702 | Sensitive Data Exposure and Escalating Privileges Vulnerabilities in DataMosaix™ Private Cloud
Published Date:
October 04, 2024
Last Updated:
October 04, 2024
CVE IDs:
CVE-2024-7952, CVE-2024-7953, CVE-2024-7956
CVSS Scores (v3.1):
7.5, 8.8, 8.1
CVSS Scores (v4.0):
7.5, 8.7, 7.6
Known Exploited Vulnerability (KEV):
No
Corrected:
Yes
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
SD1701 | RSLogix™ 5 and RSLogix 500® Remote Code Execution Via VBA Embedded Script
Published Date:
September 16, 2024
Last Updated:
October 14, 2024
CVE IDs:
CVE-2024-7847
CVSS Scores (v3.1):
7.7
CVSS Scores (v4.0):
8.8
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
Yes
Más información Less Details Chevron DownChevron Down
High
SD1699 | 5015-U8IHFT Denial-of-Service Vulnerability via CIP Message
Published Date:
September 12, 2024
Last Updated:
November 11, 2024
CVE IDs:
CVE-2024-45825
CVSS Scores (v3.1):
7.5
CVSS Scores (v4.0):
8.7
Known Exploited Vulnerability (KEV):
No
Corrected:
Yes
Workaround:
No
Más información Less Details Chevron DownChevron Down
Critical
SD1698 | FactoryTalk® Batch View™ Authentication Bypass Vulnerability via shared secrets
Published Date:
September 12, 2024
Last Updated:
November 11, 2024
CVE IDs:
CVE-2024-45823
CVSS Scores (v3.1):
8.1
CVSS Scores (v4.0):
9.2
Known Exploited Vulnerability (KEV):
No
Corrected:
Yes
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
SD1700 | ThinManager® Code Execution Vulnerability
Published Date:
September 12, 2024
Last Updated:
November 11, 2024
CVE IDs:
CVE-2024-45826
CVSS Scores (v3.1):
6.8
CVSS Scores (v4.0):
8.5
Known Exploited Vulnerability (KEV):
No
Corrected:
Yes
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
SD1697 | AADvance® Trusted® SIS Workstation contains multiple 7-ZIP Vulnerabilities
Published Date:
September 12, 2024
Last Updated:
November 11, 2024
CVE IDs:
CVE-2023-31102, CVE-2023-40481
CVSS Scores (v3.1):
7.8
Known Exploited Vulnerability (KEV):
No
Corrected:
Yes
Workaround:
No
Más información Less Details Chevron DownChevron Down
Critical
SD1696 | FactoryTalk® View Site Edition Remote Code Execution Vulnerability via Lack of Input Validation
Published Date:
September 12, 2024
Last Updated:
November 13, 2024
CVE IDs:
CVE-2024-45824
CVSS Scores (v3.1):
9.8
CVSS Scores (v4.0):
9.2
Known Exploited Vulnerability (KEV):
No
Corrected:
Yes
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
SD1695 | Incorrect Privileges and Path Traversal Vulnerability in Pavilion8®
Published Date:
September 11, 2024
Last Updated:
October 16, 2024
CVE IDs:
CVE-2024-7960 , CVE-2024-7961
CVSS Scores (v3.1):
7.6, 7.2
CVSS Scores (v4.0):
8.8, 8.6
Known Exploited Vulnerability (KEV):
No
Corrected:
Yes
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
SD1694 | OptixPanel™ Privilege Escalation Vulnerability via File Permissions
Published Date:
September 10, 2024
Last Updated:
November 13, 2024
CVE IDs:
CVE-2024-8533
CVSS Scores (v3.1):
7.5
CVSS Scores (v4.0):
7.7
Known Exploited Vulnerability (KEV):
No
Corrected:
Yes
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
SD1693 | ControlLogix/GuardLogix 5580 and CompactLogix/Compact GuardLogix® 5380 Vulnerable to DoS vulnerability via CIP
Published Date:
September 10, 2024
Last Updated:
November 13, 2024
CVE IDs:
CVE-2024-6077
CVSS Scores (v3.1):
7.5
CVSS Scores (v4.0):
8.7
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
Critical
SD1692 | ThinManager® ThinServer™ Information Disclosure and Remote Code Execution Vulnerabilities
Published Date:
August 21, 2024
Last Updated:
November 19, 2024
CVE IDs:
CVE-2024-7986, CVE 2024-7987, CVE 2024 -7988
CVSS Scores (v3.1):
5.5, 7.8, 9.8
CVSS Scores (v4.0):
6.8, 8.5, 9.3
Known Exploited Vulnerability (KEV):
No
Corrected:
Yes
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
SD1691 | Pavilion8® Unencrypted Data Vulnerability via HTTP protocol
Published Date:
August 13, 2024
Last Updated:
November 13, 2024
CVE IDs:
CVE-2024-40620
CVSS Scores (v3.1):
7.4
CVSS Scores (v4.0):
5.3
Known Exploited Vulnerability (KEV):
No
Corrected:
Yes
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
SD1690 | GuardLogix/ControlLogix 5580 Controller denial-of-service Vulnerability via Malformed Packet Handling
Published Date:
August 13, 2024
Last Updated:
September 13, 2024
CVE IDs:
CVE-2024-40619
CVSS Scores (v3.1):
7.5
CVSS Scores (v4.0):
8.7
Known Exploited Vulnerability (KEV):
No
Corrected:
Yes
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
SD1689 | AADvance® Standalone OPC-DA Server Code Execution Vulnerability via Vulnerable Component
Published Date:
August 13, 2024
Last Updated:
November 19, 2024
CVE IDs:
CVE-2018-1285, CVE-2006-0743
CVSS Scores (v3.1):
7.5, 5.3
Known Exploited Vulnerability (KEV):
No
Corrected:
Yes
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
SD1688 | FactoryTalk® View Site Edition Code Execution Vulnerability via File Permissions
Published Date:
August 13, 2024
Last Updated:
November 19, 2024
CVE IDs:
CVE-2024-7513
CVSS Scores (v3.1):
8.8
CVSS Scores (v4.0):
8.5
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
Yes
Más información Less Details Chevron DownChevron Down
High
SD1687 | Authentication Bypass Vulnerability in DataMosaix™
Published Date:
August 13, 2024
Last Updated:
November 20, 2024
CVE IDs:
CVE-2024-6078
CVSS Scores (v3.1):
9.1
CVSS Scores (v4.0):
8.6
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
SD1686 | ControlLogix/GuardLogix 5580 and CompactLogix/Compact GuardLogix® 5380 Controller Denial-of-Service Vulnerability via Input Validation
Published Date:
August 13, 2024
Last Updated:
November 19, 2024
CVE IDs:
CVE-2024-7515
CVSS Scores (v3.1):
8.6
CVSS Scores (v4.0):
8.7
Known Exploited Vulnerability (KEV):
No
Corrected:
Yes
Workaround:
Yes
Más información Less Details Chevron DownChevron Down
Medium
SD1684 | Micro850/870 Vulnerable to denial-of-service Vulnerability via CIP/Modbus Port
Published Date:
August 12, 2024
Last Updated:
October 16, 2024
CVE IDs:
CVE 2024 7567
CVSS Scores (v3.1):
5.3
CVSS Scores (v4.0):
6.9
Known Exploited Vulnerability (KEV):
No
Corrected:
Yes
Workaround:
No
Más información Less Details Chevron DownChevron Down
Medium
SD1683 | DLL Hijacking Vulnerability Exists in Emulate3D™
Published Date:
August 12, 2024
Last Updated:
November 19, 2024
CVE IDs:
CVE-2024-6079
CVSS Scores (v3.1):
6.7
CVSS Scores (v4.0):
5.4
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
SD1682 | Chassis Restrictions Bypass Vulnerability in Select Logix Devices
Published Date:
July 31, 2024
Last Updated:
October 16, 2024
CVE IDs:
CVE-2024-6242
CVSS Scores (v3.1):
8.4
CVSS Scores (v4.0):
7.3
Known Exploited Vulnerability (KEV):
No
Corrected:
Yes
Workaround:
Yes
Más información Less Details Chevron DownChevron Down
High
SD1681 | Privilege Escalation Vulnerability in Pavilion8®
Published Date:
July 16, 2024
Last Updated:
November 20, 2024
CVE IDs:
CVE-2024-6435
CVSS Scores (v3.1):
8.8
CVSS Scores (v4.0):
8.7
Known Exploited Vulnerability (KEV):
No
Corrected:
Yes
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
SD1680 | Major nonrecoverable fault in 5015 – AENFTXT
Published Date:
July 10, 2024
Last Updated:
November 20, 2024
Products:
CVE-2024-6089
CVSS Scores (v3.1):
7.5
CVSS Scores (v4.0):
8.7
Known Exploited Vulnerability (KEV):
No
Corrected:
Yes
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
SD1679 | Input Validation Vulnerability exists in the SequenceManager™ Server
Published Date:
July 10, 2024
Last Updated:
September 27, 2024
CVE IDs:
CVE-2024-6436
CVSS Scores (v3.1):
7.5
CVSS Scores (v4.0):
8.7
Known Exploited Vulnerability (KEV):
No
Corrected:
Yes
Workaround:
No
Más información Less Details Chevron DownChevron Down
Medium
SD1678 | Unsecured Private Keys in FactoryTalk® System Services
Published Date:
July 02, 2024
Last Updated:
December 01, 2024
CVE IDs:
CVE-2024-6325 , CVE-2024-6236
CVSS Scores (v3.1):
6.5, 5.9
CVSS Scores (v4.0):
6.0, 1.8
Known Exploited Vulnerability (KEV):
No
Corrected:
Yes
Workaround:
No
Más información Less Details Chevron DownChevron Down
Critical
SD1677 | ThinManager® ThinServer™ Improper Input Validation Vulnerabilities
Published Date:
June 20, 2024
Last Updated:
October 16, 2024
CVE IDs:
CVE-2024-5988 , CVE-2024-5989, CVE-2024-5990
CVSS Scores (v3.1):
9.8, 7.5
CVSS Scores (v4.0):
9.3, 8.7
Known Exploited Vulnerability (KEV):
No
Corrected:
Yes
Workaround:
Yes
Más información Less Details Chevron DownChevron Down
Critical
SD1676 | FactoryTalk® View SE v11 Information Leakage Vulnerability via Authentication Restriction
Published Date:
June 12, 2024
Last Updated:
December 01, 2024
CVE IDs:
CVE-2024-37368
CVSS Scores (v3.1):
9.8
CVSS Scores (v4.0):
9.2
Known Exploited Vulnerability (KEV):
No
Corrected:
Yes
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
SD1675 | FactoryTalk® View SE v12 Information Leakage Vulnerability via Authentication Restriction
Published Date:
June 12, 2024
Last Updated:
December 01, 2024
CVE IDs:
CVE-2024-37367
CVSS Scores (v3.1):
9.8
CVSS Scores (v4.0):
9.2
Known Exploited Vulnerability (KEV):
No
Corrected:
Yes
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
SD1674 | FactoryTalk® View SE Local Privilege Escalation Vulnerability via Local File Permissions
Published Date:
June 12, 2024
Last Updated:
December 01, 2024
CVE IDs:
CVE-2024-37369
CVSS Scores (v3.1):
7.8
CVSS Scores (v4.0):
8.5
Known Exploited Vulnerability (KEV):
No
Corrected:
Yes
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
SD1673 | Multicast Request Causes major nonrecoverable fault on Select Controllers
Published Date:
June 12, 2024
Last Updated:
December 01, 2024
CVE IDs:
CVE 2024-5659
CVSS Scores (v3.1):
7.4
CVSS Scores (v4.0):
8.3
Known Exploited Vulnerability (KEV):
No
Corrected:
Yes
Workaround:
Yes
Más información Less Details Chevron DownChevron Down
SD1672 | IMPORTANT NOTICE: Rockwell Automation Reiterates Customer Guidance to Disconnect Devices from the Internet to Protect from Cyber Threats
Published Date:
May 21, 2024
Last Updated:
December 03, 2024
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
SD1671 | FactoryTalk® Remote Access™ has Unquoted Executables
Published Date:
May 07, 2024
Last Updated:
December 04, 2024
CVE IDs:
CVE-2024-3640
CVSS Scores (v3.1):
7.7
CVSS Scores (v4.0):
7.0
Known Exploited Vulnerability (KEV):
No
Corrected:
Yes
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
SD1670 | Datalog Function within in FactoryTalk® View SE contains SQL Injection Vulnerability
Published Date:
May 07, 2024
Last Updated:
December 03, 2024
CVE IDs:
CVE-2024-4609
CVSS Scores (v3.1):
7.6
CVSS Scores (v4.0):
8.8
Known Exploited Vulnerability (KEV):
No
Corrected:
Yes
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
SD1669 | FactoryTalk® Historian SE vulnerable to AVEVA-2024-001 and AVEVA-2024-002
Published Date:
May 06, 2024
Last Updated:
November 19, 2024
CVE IDs:
CVE-2023-31274, CVE-2023-34348
CVSS Scores (v3.1):
7.5
CVSS Scores (v4.0):
7.7
Known Exploited Vulnerability (KEV):
No
Corrected:
Yes
Workaround:
No
Más información Less Details Chevron DownChevron Down
Critical
SD1668 | FactoryTalk® Production Centre Vulnerable to Apache ActiveMQ Vulnerability
Published Date:
April 18, 2024
Last Updated:
December 03, 2024
CVE IDs:
CVE-2023-4664
CVSS Scores (v3.1):
9.8
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
SD1667 | Input/output Device Vulnerable to Major Nonrecoverable Fault
Published Date:
April 11, 2024
Last Updated:
December 04, 2024
CVE IDs:
CVE-2024-2424
Products:
5015-AENFTXT
CVSS Scores (v3.1):
7.5
CVSS Scores (v4.0):
8.7
Known Exploited Vulnerability (KEV):
No
Corrected:
Yes
Workaround:
No
Más información Less Details Chevron DownChevron Down
Critical
SD1666 | ControlLogix® and GuardLogix® Vulnerable to major nonrecoverable fault due to Invalid Header Value
Published Date:
April 11, 2024
Last Updated:
December 04, 2024
CVE IDs:
CVE-2024-3493
CVSS Scores (v3.1):
8.6
CVSS Scores (v4.0):
9.2
Known Exploited Vulnerability (KEV):
No
Corrected:
Yes
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
SD1665 | Arena® Simulation Vulnerabilities
Published Date:
March 26, 2024
Last Updated:
October 16, 2024
CVE IDs:
CVE-2024-21912, CVE-2024-21913, CVE-2024-2929, CVE-2024-21918, CVE-2024-21919, CVE-2024-21920
Products:
Arena® Simulation Software
CVSS Scores (v3.1):
7.8, 4.4
Known Exploited Vulnerability (KEV):
No
Corrected:
Yes
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
SD1664 | Denial-of-service and Input Validation Vulnerabilities in PowerFlex® 527
Published Date:
March 21, 2024
Last Updated:
December 04, 2024
CVE IDs:
CVE-2024-2425, CVE-2024-2426, CVE-2024-2427
Products:
PowerFlex® 527
CVSS Scores:
7.5, 8.7
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
Yes
Más información Less Details Chevron DownChevron Down
Medium
SD1663 | FactoryTalk® View ME on PanelView™ Plus 7 Boot Terminal lack Security Protections
Published Date:
March 21, 2024
Last Updated:
December 03, 2024
CVE IDs:
CVE-2024-21914
Products:
FactoryTalk® View ME
CVSS Scores (v3.1):
5.3
CVSS Scores (v4.0):
6.9
Known Exploited Vulnerability (KEV):
No
Corrected:
Yes
Workaround:
No
Más información Less Details Chevron DownChevron Down
Critical
SD1662 | FactoryTalk® Service Platform Elevated Privileges Vulnerability Through Web Service Functionality
Published Date:
February 14, 2024
Last Updated:
December 04, 2024
CVE IDs:
CVE-2024-21915
Products:
FactoryTalk® Service Platform
CVSS Scores (v3.1):
9.0
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
SD1661 | Denial-of-service Vulnerability in ControlLogix® and GuardLogix® Controllers
Published Date:
January 30, 2024
Last Updated:
November 20, 2024
CVE IDs:
CVE-2024 21916
Products:
ControlLogix® 5570, GuardLogix® 5570, ControlLogix® 5570 Redundancy
CVSS Scores (v3.1):
8.6
Known Exploited Vulnerability (KEV):
No
Corrected:
Yes
Workaround:
No
Más información Less Details Chevron DownChevron Down
Critical
SD1660 | FactoryTalk® Service Platform Service Token Vulnerability
Published Date:
January 30, 2024
Last Updated:
December 04, 2024
CVE IDs:
CVE - 2024 21917
Products:
FactoryTalk® Service Platform
CVSS Scores (v3.1):
9.8
Known Exploited Vulnerability (KEV):
No
Corrected:
Yes
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
SD1659 | LP30/40/50 and BM40 Operator Interface Vulnerable to CODESYS Vulnerabilities
Published Date:
January 24, 2024
Last Updated:
December 01, 2024
CVE IDs:
CVE-2022-47378, CVE-2022-47379, CVE-2022-47380, CVE-2022-47381 , CVE-2022-47382, CVE-2022-47383, CVE-2022-47384, CVE-2022-47386, CVE-2022-47387, CVE-2022-47388, CVE-2022-47389, CVE-2022-47390, CVE-2022-47385 , CVE-2022-47392 , CVE-2022-47393
Products:
LP30 Operator Panel, LP40 Operator Panel, BM40 Operator Panel, LP50 Operator Panel
CVSS Scores (v3.1):
6.5, 8.8
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
SD1658 | SD1658 | SIS Workstation and ISaGRAF Workbench Code Execution and Privilege Escalation
Published Date:
November 15, 2023
Last Updated:
November 15, 2023
CVE IDs:
CVE-2015-9268
Products:
Safety Instrumented System Workstation, ISaGRAF® Workbench
CVSS Scores:
7.8
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
Critical
SD1657 | FactoryTalk® Activation Contains Wibu CodeMeter Vulnerabilities
Published Date:
November 15, 2023
Last Updated:
November 19, 2024
CVE IDs:
CVE-2023-38545, CVE-2023-3935
Products:
FactoryTalk Activation Manager
CVSS Scores (v3.1):
7.9, 9.8
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
PN1656 | FactoryTalk® View Site Edition Vulnerable to Improper Input Validation
Published Date:
October 31, 2023
Last Updated:
December 10, 2024
CVE IDs:
CVE-2023-46289
Products:
FactoryTalk® View Site Edition
CVSS Scores (v3.1):
7.5
Known Exploited Vulnerability (KEV):
No
Corrected:
Yes
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
PN1655 | FactoryTalk® Services Platform Elevated Privileges Vulnerability
Published Date:
October 31, 2023
Last Updated:
December 10, 2024
CVE IDs:
CVE-2023-46290
Products:
FactoryTalk® Services Platform
CVSS Scores (v3.1):
8.1
Known Exploited Vulnerability (KEV):
No
Corrected:
Yes
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
PN1654 | Arena® Simulation Buffer Overflow Vulnerabilities
Published Date:
October 31, 2023
Last Updated:
December 10, 2024
CVE IDs:
CVE-2023-27854, CVE-2023-27858
Products:
Arena® Simulation Software
CVSS Scores (v3.1):
7.8
Known Exploited Vulnerability (KEV):
No
Corrected:
Yes
Workaround:
No
Más información Less Details Chevron DownChevron Down
Critical
PN1653 | Stratix® 5800 and 5200 vulnerable to Cisco IOS XE Web UI Privilege Escalation (Active Exploit)
Published Date:
October 18, 2023
Last Updated:
December 10, 2024
CVE IDs:
CVE-2023-20198
Products:
Stratix® 5200, Stratix® 5800
CVSS Scores (v3.1):
7.2, 10
Known Exploited Vulnerability (KEV):
Yes
Corrected:
Yes
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
PN1652 | PN1652 | FactoryTalk® Linx Vulnerable to Denial-of-Service and Information Disclosure
Published Date:
October 17, 2023
Last Updated:
October 17, 2023
CVE IDs:
CVE-2023-29464
Products:
FactoryTalk® Linx
CVSS Scores:
8.2
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
Critical
PN1649 | PN1649 | Select Logix Communication Modules Vulnerable to Email Object Buffer Overflow
Published Date:
October 09, 2023
Last Updated:
October 09, 2023
CVE IDs:
CVE-2023-2262
Products:
ControlLogix Communication - Ethernet/IP
CVSS Scores:
9.8
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
Critical
PN1648 | PN1648 | Connected Components Workbench™ Vulnerable to CefSharp Vulnerabilities
Published Date:
October 05, 2023
Last Updated:
October 05, 2023
CVE IDs:
CVE-2020-16017, CVE-2022-0609, CVE-2020-16009, CVE-2020-16013, CVE-2020-15999
Products:
Connected Components Workbench (CCW)
CVSS Scores:
9.6, 8.8, 8.8, 8.8, 6.5
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
Critical
PN1647 | PN1647 | PanelView™ 800 Vulnerable to CVE-2017-12652
Published Date:
October 05, 2023
Last Updated:
October 05, 2023
CVE IDs:
CVE-2017-12652
Products:
PanelView 800, PanelView Component Refresh (PanelView 800)
CVSS Scores:
9.8
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
Medium
PN1646 | PN1646 | KEPServer Enterprise Vulnerable to Multiple Vulnerabilities
Published Date:
October 05, 2023
Last Updated:
October 05, 2023
CVE IDs:
CVE 2023-29444, CVE 2023-29445, CVE 2023-29446, CVE 2023-29447
Products:
KEPServe Enterprise
CVSS Scores:
6.3, 6.3, 4.7, 5.7
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
Critical
PN1645 | PN1645 | FactoryTalk View Machine Edition Vulnerable to Remote Code Execution
Published Date:
October 05, 2023
Last Updated:
October 05, 2023
CVE IDs:
CVE-2023-2071
Products:
FactoryTalk View Machine Edition
CVSS Scores:
9.8
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
PN1642 | PN1642 | Pavilion8® Security Misconfiguration Vulnerability
Published Date:
October 05, 2023
Last Updated:
October 05, 2023
CVE IDs:
CVE-2023-29463
Products:
ControlLogix Communications - Ethernet/IP
CVSS Scores:
8.8
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
PN1639 | PN1639 | Select Distributed I/O Communication Modules vulnerable to a Denial-of-Service Vulnerability
Published Date:
August 23, 2023
Last Updated:
August 23, 2023
CVE IDs:
CVE-2022-1737
Products:
1732E-OB16M12DR Series B, 1732E-IB16M12R Series B, 1734-AENTR , 1732E-OB16M12R Series B, 1732E-IB16M12DR Series B, 1732E-8X8M12DR Series B, 1738-AENTR Series A , 1732E-12X4M12P5QCDR Series A, 1732E-12X4M12QCDR Series A, 1732E-16CFGM12QCR Series A, 1734-AENT, 1732E-12X4M12QCDR Series A, 1732E-16CFGM12P5QCR Series A, 1732E-16CFGM12R Series B, 1799ER-IQ10XOQ10 Series B, 1732E-16CFGM12P5QCWR Series B, 1732E-16CFGM12QCWR Series A
CVSS Scores:
8.6
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
Critical
PN1638 | PN1638 | ThinManager® ThinServer™ Input Validation Vulnerabilities
Published Date:
August 17, 2023
Last Updated:
August 17, 2023
CVE IDs:
CVE-2023-2917, CVE-2023-2914, CVE-2023-2915
Products:
ThinManager ThinServer Input Validation Vulnerabilities
CVSS Scores:
7.5, 9.8
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
PN1637 | PN1637 | Armor ™ PowerFlex ® Critical Fault Vulnerability
Published Date:
August 08, 2023
Last Updated:
August 08, 2023
CVE IDs:
CVE-2023-2423
Products:
Armor PowerFlex Critical Fault
CVSS Scores:
8.6
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
PN1635 | PN1635 | ThinManager® ThinServer™ Path Traversal Vulnerability
Published Date:
July 18, 2023
Last Updated:
July 18, 2023
CVE IDs:
CVE-2023-2913
Products:
ThinManager
CVSS Scores:
7.5
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
PN1634 | PN1634 | Kinetix® 5700 DC Bus Power Supply Series A – CIP Message Attack Could Cause Denial-Of-Service
Published Date:
July 18, 2023
Last Updated:
July 18, 2023
CVE IDs:
CVE-2023-2263
Products:
2198 Kinetix 5700 Drive
CVSS Scores:
7.5
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
PN1633 | PN1633 | Remote Code Execution and Denial-of-Service Vulnerabilities in Select Communication Modules
Published Date:
July 12, 2023
Last Updated:
July 12, 2023
CVE IDs:
CVE-2023-3596, CVE-2023-3595
Products:
Comms Modules
CVSS Scores:
7.5
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
PN1631 | PN1631 | PowerMonitor™ 1000 – Cross-Site Scripting Vulnerability
Published Date:
July 11, 2023
Last Updated:
July 11, 2023
CVE IDs:
CVE-2023-2072
Products:
1408 PowerMonitor 1000
CVSS Scores:
8.8
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
Critical
PN1630 | PN1630 | Enhanced HIM Vulnerable to Cross Site Request Forgery Attack
Published Date:
July 11, 2023
Last Updated:
July 11, 2023
CVE IDs:
CVE-2023-2746
Products:
PowerFlex 7000, PowerFlex 6000
CVSS Scores:
9.6
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
PN1629 | PN1629 | Denial-of-Service Vulnerability in FactoryTalk® Transaction Manager
Published Date:
June 13, 2023
Last Updated:
June 13, 2023
CVE IDs:
CVE-2023-2778
Products:
FactoryTalk Transaction Manager
CVSS Scores:
7.5
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
PN1628 | PN1628 | Apache Portable Runtime Vulnerability in FactoryTalk® Edge Gateway
Published Date:
June 13, 2023
Last Updated:
June 13, 2023
CVE IDs:
CVE-2021-35940, CVE-2017-12613
Products:
FactoryTalk Edge Gateway
CVSS Scores:
7.1
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
PN1627 | PN1627 | FactoryTalk® System Services affecting FactoryTalk® Policy Manager – Multiple Vulnerabilities
Published Date:
June 13, 2023
Last Updated:
June 13, 2023
CVE IDs:
CVE-2023-2639, CVE-2023-2637, CVE-2023-2638
Products:
FactoryTalk Policy Manager, FactoryTalk System Services, FactoryTalk Services Platform
CVSS Scores:
4.1, 5.9, 7.3
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
PN1625 | PN1625 | Inadequate Encryption Vulnerability in ThinManager®
Published Date:
May 12, 2023
Last Updated:
May 12, 2023
CVE IDs:
CVE-2023-2443
Products:
ThinManager
CVSS Scores:
7.5
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
PN1626 | PN1626 | Cross Site Request Forgery in FactoryTalk® Vantagepoint®
Published Date:
May 11, 2023
Last Updated:
May 11, 2023
CVE IDs:
CVE-2023-2444
Products:
FactoryTalk VantagePoint
CVSS Scores:
7.1
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
Critical
PN1624 | Open Ports Vulnerability in Kinetix 5500 EtherNet/IP Servo Drive
Published Date:
May 11, 2023
Last Updated:
October 16, 2024
CVE IDs:
CVE-2023-1834
Products:
2198 Kinetix 5500 Drive
CVSS Scores (v3.1):
9.4
Known Exploited Vulnerability (KEV):
No
Corrected:
Yes
Workaround:
No
Más información Less Details Chevron DownChevron Down
Critical
PN1623 | PN1623 | PanelView™ 800 – Remote Code Execution Vulnerabilities
Published Date:
May 11, 2023
Last Updated:
May 11, 2023
CVE IDs:
CVE-2019-16748, CVE-2020-36177
Products:
PanelView 800
CVSS Scores:
9.8
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
PN1622 | PN1622 | ArmorStart® ST 281E, 284EE Vulnerable to Multiple XSS Vulnerabilities
Published Date:
May 11, 2023
Last Updated:
May 11, 2023
CVE IDs:
CVE-2023-29030, CVE-2023-29022, CVE-2023-29028, CVE-2023-29027, CVE-2023-29023, CVE-2023-29026, CVE-2023-29029, CVE-2023-29031, CVE-2023-29024, CVE-2023-29025
Products:
ArmorStart
CVSS Scores:
4.7, 7.0, 5.5
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
PN1621 | PN1621 | Arena® Simulation – Multiple Vulnerabilities
Published Date:
May 09, 2023
Last Updated:
May 09, 2023
CVE IDs:
CVE-2023-29460, CVE-2023-29462, CVE-2023-29461
Products:
Arena
CVSS Scores:
7.8
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
Critical
PN1410 | PN1410 | FactoryTalk® Diagnostics Vulnerable to Remote Code Execution
Published Date:
April 10, 2023
Last Updated:
April 10, 2023
CVE IDs:
CVE-2020-6967
Products:
FactoryTalk Services Platform
CVSS Scores:
9.8
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
Critical
PN1618 | PN1618 | ThinManager Software Path Traversal and Denial-Of-Service Attack
Published Date:
March 21, 2023
Last Updated:
March 21, 2023
CVE IDs:
CVE-2023-27855, CVE-2023-27857, CVE-2023-27856, CVE-2023-28757
Products:
ThinManager
CVSS Scores:
7.5, 9.8
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
Medium
PN1619 | Modbus TCP AOI Server Could Leak Sensitive Information
Published Date:
March 16, 2023
Last Updated:
October 16, 2024
CVE IDs:
CVE-2023-0027
Products:
1768/1769/5069 CompactLogix, 1756 ControlLogix
CVSS Scores (v3.1):
5.3
Known Exploited Vulnerability (KEV):
No
Corrected:
Yes
Workaround:
No
Más información Less Details Chevron DownChevron Down
Medium
PN1554 | PN1554 | CompactLogix 5370 and ControlLogix 5570 Controllers Vulnerable to Denial of Service Conditions due to Improper Input Validation
Published Date:
February 07, 2023
Last Updated:
February 07, 2023
CVE IDs:
CVE-2020-6998
Products:
1769 Compact GuardLogix 5370, 1769 CompactLogix 5370
CVSS Scores:
5.8
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
Critical
PN1616 | PN1616 | CVE-2019-5096 and CVE 2019-5097 Vulnerabilities Impact Multiple Products
Published Date:
January 27, 2023
Last Updated:
January 27, 2023
CVE IDs:
CVE-2019-5097, CVE-2019-5096
Products:
1768/1769/5069 CompactLogix, 1769 Compact I/O, 1732E ArmorBlock I/O, 1756 ControlLogix, 1769 CompactLogix Controllers, 1747 SLC 500, 1756/1769/5069/2080 Chassis-based I/O, 1769 Compact GuardLogix 5370, 1756/5069 GuardLogix
CVSS Scores:
7.5, 9.8
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
PN1613 | PN1613 | Product Notice 1613: Logix Controllers Vulnerable to a Denial-of-Service Vulnerability
Published Date:
January 25, 2023
Last Updated:
January 25, 2023
CVE IDs:
CVE-2022-3157
Products:
1756-L71S, Standard Controllers, 1756-L72S, 1756-L73S, 1769 CompactLogix 5370
CVSS Scores:
8.6
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
PN1614 | PN1614 | Studio 5000 Logix Emulate Vulnerable to a SMB Insecurely Configuration Vulnerability
Published Date:
December 22, 2022
Last Updated:
December 22, 2022
CVE IDs:
CVE-2022-3156
Products:
RSLogix Emulate 5000 / Studio 5000 Logix Emulate
CVSS Scores:
7.8
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
PN1612 | MicroLogix 1100 and 1400 Web Server Application Vulnerable to Cross Site Scripting Attack
Published Date:
December 13, 2022
Last Updated:
October 16, 2024
Products:
1763 MicroLogix 1100, 1766 MicroLogix 1400
CVSS Scores (v3.1):
8.2
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
Yes
Más información Less Details Chevron DownChevron Down
High
PN1611 | MicroLogix 1100 and 1400 Product Web Server Application Vulnerable to Denial-Of-Service Condition Attack
Published Date:
December 13, 2022
Last Updated:
October 16, 2024
Products:
1763 MicroLogix 1100, 1766 MicroLogix 1400
CVSS Scores (v3.1):
7.5
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
Yes
Más información Less Details Chevron DownChevron Down
High
PN1609 | Logix Controllers Vulnerable to Denial-of-Service Attack
Published Date:
December 06, 2022
Last Updated:
October 16, 2024
CVE IDs:
CVE-2022-3752
Products:
1756-L83ES, Standard Controllers, 1756-L84ES, 1756-L81ES, 5069 CompactLogix, 1756-L82ES, 5069 Compact GuardLogix 5380
CVSS Scores (v3.1):
8.6
Known Exploited Vulnerability (KEV):
No
Corrected:
Yes
Workaround:
No
Más información Less Details Chevron DownChevron Down
Medium
PN1608 | FactoryTalk Live Data Communication Module Vulnerable to Man-In-The-Middle Attack
Published Date:
December 01, 2022
Last Updated:
October 16, 2024
Products:
LiveData
CVSS Scores (v3.1):
5.9
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
Yes
Más información Less Details Chevron DownChevron Down
Critical
PN1576 | PN1576 | FactoryTalk® Activation Manager and Studio 5000 Logix Designer® contain Wibu Codemeter vulnerabilities.
Published Date:
November 17, 2022
Last Updated:
November 17, 2022
CVE IDs:
CVE-2021-20094, CVE-2021-20093, CVE-2021-41057
Products:
FactoryTalk Activation, RSLogix 5000 / Studio 5000 Logix Designer
CVSS Scores:
7.5, 9.1
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
Critical
PN1508 | Treck Ripple20 TCP/IP Vulnerabilities Affect Multiple Rockwell Automation Products
Published Date:
November 01, 2022
Last Updated:
November 20, 2024
CVE IDs:
CVE-2020-11914, CVE-2020-11910, CVE-2020-11901, CVE-2020-11907, CVE-2020-11911, CVE-2020-11912, CVE-2020-25066, CVE-2020-11906
Products:
Flex I/O, 1408 PowerMonitor 1000, 1732E ArmorBlock I/O, 1426 PowerMonitor 5000
CVSS Scores (v3.1):
9.8, 9.1, 5.0, 3.7, 3.1
Known Exploited Vulnerability (KEV):
No
Corrected:
Yes
Workaround:
Yes
Más información Less Details Chevron DownChevron Down
PN1607 | PN1607 | New Open SSL Vulnerability
Published Date:
October 31, 2022
Last Updated:
October 31, 2022
Products:
FactoryTalk View
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
PN1605 | FactoryTalk Alarm and Events Server Vulnerable to Denial-Of-Service Attack
Published Date:
October 27, 2022
Last Updated:
October 16, 2024
CVE IDs:
CVE-2022-38744
Products:
FactoryTalk View SE, Studio 5000 View Designer
CVSS Scores (v3.1):
7.5
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
Yes
Más información Less Details Chevron DownChevron Down
High
PN1601 | PN1601 | Stratix Products Vulnerable to Multiple Vulnerabilities
Published Date:
October 27, 2022
Last Updated:
October 27, 2022
CVE IDs:
CVE-2020-3209, CVE-2020-3200, CVE-2021-1385, CVE-2020-3516, CVE-2021-1446
Products:
Stratix 5400 Industrial Ethernet Switch, Stratix 5800 Switch, Stratix 5410 Ind Distribution Switch
CVSS Scores:
6.8, 7.2, 8.8, 6.5, 7.7, 8.6, 4.3
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
Critical
PN1606 | PN1606 | Factory Talk VantagePoint Software Broken Access Control and Input Validation Vulnerability
Published Date:
October 07, 2022
Last Updated:
October 07, 2022
CVE IDs:
CVE-2022-3158, CVE-2022-38743
Products:
FactoryTalk Linx OPC UA Connector
CVSS Scores:
9.9
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
PN1595 | PN1595 | OpenSSL Infinite Loop in Rockwell Automation Products
Published Date:
September 23, 2022
Last Updated:
January 28, 2025
CVE IDs:
CVE-2022-0778
CVSS Scores:
7.5, 4.9
Known Exploited Vulnerability (KEV):
No
Corrected:
Yes
Workaround:
Yes
Más información Less Details Chevron DownChevron Down
High
PN1604 | PN1604 | ThinManager Software Vulnerable to Arbitrary Code Execution and Denial-Of-Service Attack
Published Date:
September 22, 2022
Last Updated:
September 22, 2022
CVE IDs:
CVE-2022-38742
Products:
ThinManager
CVSS Scores:
8.1
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
Critical
PN1603 | PN1603 | KEPServer Enterprise Vulnerable to Remote Code Execution and Denial-of-Service Attack
Published Date:
September 01, 2022
Last Updated:
September 01, 2022
CVE IDs:
CVE-2022-2825, CVE-2022-2848
Products:
Kepserver Enterprise
CVSS Scores:
9.1, 9.8
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
Medium
PN1598 | PN1598 | CVE 2022-1096 Chromium Type Confusion Vulnerability Impact Multiple Products
Published Date:
August 26, 2022
Last Updated:
August 26, 2022
CVE IDs:
CVE-2022-1096
Products:
Using CCW with PanelView Component Terminals, FactoryTalk Linx Gateway, FactoryTalk View SE, Installing CCW, FactoryTalk Linx / RSLinx Enterprise, PowerFlex 6000, Using CCW with Micro800 Controllers, Using CCW with Component Class Drives
CVSS Scores:
4.0
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
PN1600 | PN1600 | ISaGRAF Workbench Vulnerable to Multiple Phishing-Style Attacks
Published Date:
July 20, 2022
Last Updated:
July 20, 2022
CVE IDs:
CVE-2022-2463, CVE-2022-2465, CVE-2022-2464
Products:
AADvance, ISaGRAF, Trusted
CVSS Scores:
6.1, 7.7, 8.6
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
Critical
PN1550 | PN1550 | CVE-2021-22681: Authentication Bypass Vulnerability Found in Logix Controllers
Published Date:
July 20, 2022
Last Updated:
July 20, 2022
CVE IDs:
CVE-2021-22681
Products:
SoftLogix5800, 1794 FlexLogix, 1756 ControlLogix, 1769 CompactLogix Controllers, 1769 Compact GuardLogix 5370, 1768 CompactLogix Controllers, 5069 Compact GuardLogix 5380, RSLogix 5000 / Studio 5000 Logix Designer
CVSS Scores:
10.0
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
Critical
PN1599 | PN1599 | FactoryTalk Analytics DataView Vulnerable to Spring4Shell Vulnerability (CVE 2022-22965)
Published Date:
July 14, 2022
Last Updated:
July 14, 2022
Products:
FactoryTalk Analytics DataView
CVSS Scores:
9.8
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
Medium
PN1597 | PN1597 | MicroLogix 1400/1100 Vulnerable to Clickjacking Vulnerability
Published Date:
July 07, 2022
Last Updated:
July 07, 2022
CVE IDs:
CVE-2022-2179
Products:
1763 MicroLogix 1100, 1766 MicroLogix 1400
CVSS Scores:
6.5
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
Medium
PN1596 | PN1596 | Logix Controllers Vulnerable to Denial-of-Service Attack
Published Date:
June 17, 2022
Last Updated:
June 17, 2022
CVE IDs:
CVE-2022-1797
Products:
1769 Compact GuardLogix 5370, 1756/5069 GuardLogix, 1768/1769/5069 CompactLogix, 1756 ControlLogix
CVSS Scores:
6.8
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
PN1594 | PN1594 | APT Cyber Tools Targeting ICS/SCADA Devices (PIPEDREAM/INCONTROLLER)
Published Date:
May 06, 2022
Last Updated:
May 06, 2022
Products:
FactoryTalk Linx Gateway
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
PN1586 | PN1586 | Logix Designer Application May Allow Unauthorized Controller Code Injection
Published Date:
May 06, 2022
Last Updated:
May 06, 2022
CVE IDs:
CVE-2022-1159
Products:
RSLogix 5000 / Studio 5000 Logix Designer
CVSS Scores:
7.7
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
Critical
PN1585 | PN1585 | Logix Controllers May Allow for Unauthorized Code Injection
Published Date:
May 06, 2022
Last Updated:
May 06, 2022
CVE IDs:
CVE-2021-22681, CVE-2022-1161
Products:
5069 Compact GuardLogix 5380, 1769 CompactLogix Controllers, 1769 CompactLogix 5370, 1756/5069 GuardLogix, 1768 CompactLogix Controllers, ControlLogix Hardware
CVSS Scores:
10.0
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
PN1592 | PN1592 | Vulnerable Third-Party Components in FactoryTalk® ProductionCentre
Published Date:
May 04, 2022
Last Updated:
May 04, 2022
Products:
FactoryTalk ProductionCentre
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
PN1589 | PN1589 | Multiple Products Vulnerable to Deserialization of Data
Published Date:
April 04, 2022
Last Updated:
April 04, 2022
CVE IDs:
CVE-2022-1118
Products:
Using CCW with Micro800 Controllers, ISaGRAF, Using CCW with Component Class Drives, Using CCW with PanelView Component Terminals
CVSS Scores:
8.6
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
Critical
PN1579 | Log4Shell Vulnerability Notice
Published Date:
January 21, 2022
Last Updated:
December 01, 2024
CVE IDs:
CVE-2021-4104, CVE-2021-45046, CVE-2019-17571, CVE-2021-44228
Products:
Production Management
CVSS Scores (v3.1):
10, 3.7, 8.1, 9.8
Known Exploited Vulnerability (KEV):
No
Corrected:
Yes
Workaround:
Yes
Más información Less Details Chevron DownChevron Down
Critical
PN1567 | PN1567 | ISaGRAF Runtime Affected by Multiple Vulnerabilities
Published Date:
December 30, 2021
Last Updated:
December 30, 2021
CVE IDs:
CVE-2020-25184, CVE-2020-25180, CVE-2020-25176, CVE-2020-25182, CVE-2020-25178
Products:
AADvance, ISaGRAF, Micro800
CVSS Scores:
9.1, 7.8, 5.3, 7.5, 6.7
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
Critical
PN1580 | PN1580 | GOAhead Web Server vulnerability in 1783-NATR
Published Date:
December 16, 2021
Last Updated:
December 16, 2021
CVE IDs:
CVE-2019-5097, CVE-2019-5096
Products:
Network Address Translation (NAT) Device
CVSS Scores:
7.5, 9.8
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
Critical
PN1494 | VxWorks Vulnerabilities affect Programmable Automation Controllers, EtherNet/IP Communication Modules, I/O Modules, Kinetix 6500 Servo Drive, High-Frequency RFID Interface Block
Published Date:
August 11, 2021
Last Updated:
October 04, 2024
CVE IDs:
CVE-2019-12260, CVE-2019-12265, CVE-2019-12257, CVE-2019-12258, CVE-2019-12256, CVE-2019-12255, CVE-2019-12263, CVE-2019-12262, CVE-2019-12264, CVE-2019-12261, CVE-2019-12259
Products:
Network Address Translation (NAT) Device, 5069 Compact I/O, 1732E ArmorBlock I/O, Ethernet/IP Connected Products, High-Frequency RFID, 1756 ControlLogix I/O
CVSS Scores (v3.1):
9.8, 8.8, 7.5, 8.1, 6.3, 7.1, 5.4
Known Exploited Vulnerability (KEV):
No
Corrected:
Yes
Workaround:
Yes
Más información Less Details Chevron DownChevron Down
High
PN1575 | PN1575 | Interniche Vulnerabilities present in Rockwell Automation Products – “INFRA:HALT”
Published Date:
August 09, 2021
Last Updated:
August 09, 2021
CVE IDs:
CVE-2020-25767, CVE-2020-35684, CVE-2020-35685, CVE-2021-31400, CVE-2021-36762, CVE-2020-25926, CVE-2021-31226, CVE-2021-31401, CVE-2021-31228, CVE-2020-25928, CVE-2020-25927, CVE-2021-31227, CVE-2020-27565, CVE-2020-35683
Products:
AADvance, 1715 Distributed I/O, 1715 Redundant I/O, ArmorStart
CVSS Scores:
8.2, 4.0
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
PN1571 | PN1571 | MicroLogix 1100 Persistent CPU Fault Vulnerability
Published Date:
July 09, 2021
Last Updated:
July 09, 2021
CVE IDs:
CVE-2021-33012
Products:
1763 MicroLogix 1100
CVSS Scores:
8.6
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
PN1569 | PN1569 | FactoryTalk Security Remote Desktop Connection ‘Computer Name’ Policy Bypass Vulnerability
Published Date:
June 10, 2021
Last Updated:
June 10, 2021
CVE IDs:
CVE-2021-32960
Products:
FactoryTalk Services Platform
CVSS Scores:
8.5
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
Medium
PN1566 | PN1566 | Micro800 and MicroLogix 1400 Vulnerable to Man-in-the-Middle Attack
Published Date:
May 25, 2021
Last Updated:
May 25, 2021
CVE IDs:
CVE-2021-32926
Products:
Micro800, 1766 MicroLogix 1400
CVSS Scores:
6.1
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
PN1565 | PN1565 | Connected Components Workbench Vulnerable to Multiple Phishing-Style Attacks
Published Date:
May 13, 2021
Last Updated:
May 13, 2021
CVE IDs:
CVE-2021-27473, CVE-2021-27471, CVE-2021-27475
Products:
Connected Components Workbench
CVSS Scores:
6.1, 7.7, 8.6
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
Critical
PN1564 | PN1564 | DNS Name:Wreck Vulnerabilities Affect Multiple Rockwell Automation Products
Published Date:
April 28, 2021
Last Updated:
April 28, 2021
CVE IDs:
CVE-2016-20009
Products:
5069 CompactLogix, Communications Modules, 1769 CompactLogix Controllers, 1756 ControlLogix
CVSS Scores:
9.8
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
Critical
PN1559 | PN1559 | FactoryTalk AssetCentre Vulnerable to Arbitrary Code Execution
Published Date:
April 01, 2021
Last Updated:
April 01, 2021
CVE IDs:
CVE-2021-27466, CVE-2021-27460, CVE-2021-27474, CVE-2021-27468, CVE-2021-27470, CVE-2021-27462, CVE-2021-27464, CVE-2021-27476, CVE-2021-27472
Products:
FactoryTalk AssetCentre
CVSS Scores:
10
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
Medium
PN1588 | PN1588 | File Parsing XML Entity in Multiple Products
Published Date:
March 28, 2021
Last Updated:
March 28, 2021
CVE IDs:
CVE-2022-1018
Products:
Using CCW with Micro800 Controllers, ISaGRAF, Using CCW with Component Class Drives, Using CCW with PanelView Component Terminals
CVSS Scores:
5.5
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
PN1558 | PN1558 | Stratix Switches Impacted by IOS and IOS XE Software Vulnerabilities
Published Date:
March 26, 2021
Last Updated:
March 26, 2021
CVE IDs:
CVE-2021-1452, CVE-2021-1442, CVE-2021-1443, CVE-2021-1392, CVE-2021-1403, CVE-2021-1220, CVE-2021-1352
Products:
Stratix 5400 Industrial Ethernet Switch, Stratix 8300 L3 Modular Managed Switch, Stratix 5410 Ind Distribution Switch, Stratix 8000 Modular Managed Switch
CVSS Scores:
7.8, 7.4, 6.8, 4.3, 5.5, 7.0
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
PN1551 | PN1551 | 1734-AENTR Series B and Series C Contains Multiple Web Vulnerabilities
Published Date:
March 04, 2021
Last Updated:
March 04, 2021
CVE IDs:
CVE-2020-14504, CVE-2020-14502
Products:
1734 Point I/O
CVSS Scores:
7.5, 4.7
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
PN1543 | PN1543 | Writable Path Directory in DriveTools SP and Drives AOP
Published Date:
February 15, 2021
Last Updated:
February 15, 2021
CVE IDs:
CVE-2021-22665
Products:
9303 DriveTools SP
CVSS Scores:
7.5
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
PN1531 | PN1531 | 1794-AENT Flex I/O Series B Contains Multiple Denial of Service Vulnerabilities
Published Date:
February 02, 2021
Last Updated:
February 02, 2021
CVE IDs:
CVE-2020-6085, CVE-2020-6084, CVE-2020-6088, CVE-2020-6083, CVE-2020-6087, CVE-2020-6086
Products:
Flex I/O, 1794 Flex, 1794/5094 Distributed I/O
CVSS Scores:
7.5
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
PN1545 | PN1545 | Modbus Vulnerability may lead to Denial-of-Service conditions in the MicroLogix 1400 Controller
Published Date:
January 28, 2021
Last Updated:
January 28, 2021
CVE IDs:
CVE-2021-22659
Products:
1766 MicroLogix 1400
CVSS Scores:
8.1
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
Medium
PN794 | PN794 | RSLogix 5000 Studio 5000 Logix Designer Source Protection Vulnerability
Published Date:
January 25, 2021
Last Updated:
January 25, 2021
CVE IDs:
CVE-2014-0755
Products:
Logix Designer
CVSS Scores:
6.3
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
PN1540 | PN1540 | FactoryTalk Linx and FactoryTalk Services Platform Contain Denial-of-Service Vulnerabilities
Published Date:
January 22, 2021
Last Updated:
January 22, 2021
CVE IDs:
CVE-2020-5806, CVE-2020-5801, CVE-2020-5802, CVE-2020-5807
Products:
FactoryTalk Linx Gateway, FactoryTalk Services Platform, FactoryTalk Linx / RSLinx Enterprise
CVSS Scores:
7.5, 6.2, 4.3
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
PN1113 | PN1113 | CVE-2020-0601 Impact to Rockwell Automation Products
Published Date:
January 20, 2021
Last Updated:
January 20, 2021
CVE IDs:
CVE-2020-0601
Products:
FactoryTalk Analytics for Devices, FactoryTalk Analytics LogixAI, 1756 ControlLogix I/O
CVSS Scores:
8.1
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
PN1548 | PN1548 | Allen‑Bradley MicroLogix 1100 Programmable Logic Controller IPv4 Denial-of-Service Vulnerability
Published Date:
January 19, 2021
Last Updated:
January 19, 2021
CVE IDs:
CVE-2020-6111
Products:
1763 MicroLogix 1100
CVSS Scores:
7.5
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
Medium
PN1542 | PN1542 | Side-Channel Issue on NXP 7x Secure Authentication Microcontrollers May Lead to ECC Key Extraction
Published Date:
January 14, 2021
Last Updated:
January 14, 2021
CVE IDs:
CVE-2021-3011
Products:
5069-L330ERMS2K, 5069-L340ERMS2, PowerFlex 6000, 5069-L3100ERS2, PowerFlex 755, 5069-L3100ERMS2, 5069-L306ERMS2, 2198 Kinetix 5700 Drive, iTRAK, 5069-L350ERMS2K, 5069-L320ERMS2K, 5069-L320ERMS2, 5069-L330ERS2K, 5069-L330ERMS2, 5069-L320ERS2K, 5069-L350ERS2K, 5069 Compact GuardLogix 5380, 5069-L380ERMS2, PowerFlex 755T, 1756 ControlLogix, 5069-L350ERMS2, 5069-L380ERS2
CVSS Scores:
4.9
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
PN1541 | PN1541 | FactoryTalk AssetCentre affected by M and M Software fdtCONTAINER Remote Code Execution Vulnerability
Published Date:
January 11, 2021
Last Updated:
January 11, 2021
CVE IDs:
CVE-2020-12525
Products:
FactoryTalk AssetCentre
CVSS Scores:
8.6
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
Critical
PN1539 | PN1539 | Vulnerabilities in the Kepware OPC UA server interface may lead to Denial-of-Service Conditions or Data Leak
Published Date:
December 17, 2020
Last Updated:
December 17, 2020
CVE IDs:
CVE-2020-27267, CVE-2020-27263
Products:
ThingWorx Industrial Connectivity, ThingWorx, Kepserver Enterprise
CVSS Scores:
7.5, 9.1
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
Critical
PN1536 | PN1536 | FactoryTalk® Linx® Affected by Multiple Denial-of-Service and Heap Overflow Vulnerabilities
Published Date:
November 24, 2020
Last Updated:
November 24, 2020
CVE IDs:
CVE-2020-27251, CVE-2020-27255, CVE-2020-27253
Products:
FactoryTalk Linx Gateway
CVSS Scores:
8.6, 9.8, 5.3
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
PN1534 | PN1534 | Stratix 5700 HTTP Session Management Weakness
Published Date:
October 30, 2020
Last Updated:
October 30, 2020
Products:
Stratix 5700 Managed Switch
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
PN923 | PN923 | Claims of ransomware masquerading as an Allen‑Bradley Update
Published Date:
October 02, 2020
Last Updated:
October 02, 2020
Products:
Compliance / Audit Trail / Security, 6181X Hazardous Non-Display, ProcessPak, Integration Manager, SOS, dsShopLib, RSLogix 500, Arena, Foundation Server, Shop Operations, Reporting (form based), RSView32 WebServer, Database, FactoryTalk ViewPoint, SPC, Admin Tools, RSView32 SPC, FactoryTalk VantagePoint, App Solutions Documentation, Business Objects, Migration, Studio 5000 View Designer, 650R Non-Display Computers, 750R Non-Display Computers, FactoryTalk View SE, Reporting, Interface Manager, Operator Certification, RSLogix 5, Live Transfer, 6181 Computers, 1450R Non-Display Computers, RSLogix Emulate 5000 / Studio 5000 Logix Emulate, LiveData, Agile, Installation, RSLogix Emulate 500, Knowledge Documentation, RSLogix Emulate 5, Build Utility, Shop Operation, Foundation Client, NCR/CAR/IQA, RSView32, FactoryTalk Activation, Purge, FactoryTalk Historian SE, WSIntegrate, SoftLogix5800, RSView32 Messenger, FactoryTalk Linx Gateway, Supplier Manager, RSView32 Active Display, Maintenance Releases, Connected Components Workbench, Documentation, Activities, ETL, Historical Transfer, ECO, 6180 Computers with Keypad, Production Management Client, RSLadder, RMA, Data, Thin Client, Logix Designer, Administration, 6155 Compact Computers, Production Execution Client, Installation, 6181X Hazardous Integrated Display, Dashboard, JD Edwards, ActiveX Control, FactoryTalk Metrics, TrendX, Universe Manager, FactoryTalk AssetCentre, Knowledge Installation, Sampling Plans, Configuration Tool, FactoryTalk Transaction Manager, Consumer Packaged Goods Suite, Reports (Out-of-box), PlantMetrics, API, FactoryTalk Batch, FactoryTalk EnergyMetrix, FactoryTalk View ME, SoftLogix5, Process Designer, Reports (Custom), Automotive Suite , Quality Assurance (6.x), ICAPA, RSLogix Architect / Studio 5000 Architect, Equipment Manager, PlantPAx, Complaint Handling, Pavilion, FactoryTalk Services Platform
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
Critical
PN1530 | PN1530 | FactoryTalk Activation Manager affected by CodeMeter Vulnerabilities
Published Date:
September 18, 2020
Last Updated:
September 18, 2020
CVE IDs:
CVE-2020-14517, CVE-2020-16233, CVE-2019-14519, CVE-2020-14519, CVE-2020-14515, CVE-2020-14509, CVE-2020-14513
Products:
FactoryTalk Activation
CVSS Scores:
7.4, 8.1, 9.4, 7.5, 10.0
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
Critical
PN1510 | PN1510 | FactoryTalk View SE Contains Multiple Vulnerabilities Found During Pwn2Own Competition
Published Date:
August 20, 2020
Last Updated:
August 20, 2020
CVE IDs:
CVE-2020-12027, CVE-2020-12028, CVE-2020-12029, CVE-2020-12031
Products:
FactoryTalk View SE
CVSS Scores:
7.5, 9.0, 7.3, 5.3
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
Low
PN1509 | PN1509 | Studio 5000 Logix Designer XML External Entity (XXE) Vulnerability Found During Pwn2Own Competition
Published Date:
August 11, 2020
Last Updated:
August 11, 2020
CVE IDs:
CVE-2020-12025
Products:
Logix Designer
CVSS Scores:
3.6
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
PN1025 | PN1025 | CompactLogix / Compact GuardLogix 5370 Denial of Service
Published Date:
August 10, 2020
Last Updated:
August 10, 2020
CVE IDs:
CVE-2017-9312
Products:
Armor Compact Logix, Compact GaurdLogix 5370, CompactLogix 5370
CVSS Scores:
8.6
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
Critical
PN1525 | PN1525 | FactoryTalk Services Platform Improper User Password Hashing
Published Date:
July 30, 2020
Last Updated:
July 30, 2020
CVE IDs:
CVE-2020-14516
Products:
FactoryTalk Services Platform
CVSS Scores:
10.0
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
PN1516 | PN1516 | FactoryTalk Services Platform XXE Vulnerability
Published Date:
June 25, 2020
Last Updated:
June 25, 2020
CVE IDs:
CVE-2020-14478
Products:
FactoryTalk Services Platform
CVSS Scores:
8.4
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
PN1515 | PN1515 | FactoryTalk View SE Credential Disclosure Vulnerabilities
Published Date:
June 25, 2020
Last Updated:
June 25, 2020
CVE IDs:
CVE-2020-14480, CVE-2020-14481
Products:
FactoryTalk View SE
CVSS Scores:
8.8
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
Critical
PN1511 | PN1511 | FactoryTalk Linx Path Traversal Vulnerability Found During Pwn2Own Competition
Published Date:
June 24, 2020
Last Updated:
June 24, 2020
CVE IDs:
CVE-2020-12001
Products:
FactoryTalk Linx Gateway
CVSS Scores:
9.6
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
Critical
PN1507 | PN1507 | FactoryTalk Linx Affected by Multiple Vulnerabilities
Published Date:
June 24, 2020
Last Updated:
June 24, 2020
CVE IDs:
CVE-2020-11999, CVE-2020-12005, CVE-2020-12003, CVE-2020-12001
Products:
FactoryTalk Linx Gateway
CVSS Scores:
7.5, 9.6
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
PN1512 | PN1512 | FactoryTalk Services Platform Vulnerable to Arbitrary COM Instantiation During Pwn2Own Competition
Published Date:
June 18, 2020
Last Updated:
June 18, 2020
CVE IDs:
CVE-2020-12033
Products:
FactoryTalk Services Platform
CVSS Scores:
7.5
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
PN1084 | PN1084 | Multiple Vulnerabilities in Arena Simulation Software
Published Date:
June 08, 2020
Last Updated:
June 08, 2020
CVE IDs:
CVE-2019-13527, CVE-2019-13510, CVE-2019-13519, CVE-2019-13511, CVE-2019-13521
Products:
Arena
CVSS Scores:
7.8, 8.6, 3.3
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
PN1503 | PN1503 | EDS Subsystem Affected by Multiple Vulnerabilities
Published Date:
May 19, 2020
Last Updated:
May 19, 2020
CVE IDs:
CVE-2020-12038, CVE-2020-12034
Products:
Software, Logix Designer, RSNetWorx, FactoryTalk Linx Gateway, RSLinx Classic (Single Node, FactoryTalk Linx / RSLinx Enterprise, RSLogix 5000 / Studio 5000 Logix Designer
CVSS Scores:
8.2, 6.7
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
PN1502 | PN1502 | OSIsoft PI System Vulnerabilities Affect Multiple Rockwell Automation Software Products
Published Date:
May 12, 2020
Last Updated:
May 12, 2020
CVE IDs:
CVE-2020-10608, CVE-2020-10606, CVE-2020-10645, CVE-2020-10600, CVE-2020-10610
Products:
FactoryTalk VantagePoint, FactoryTalk View SE, FactoryTalk Historian SE, PlantPAx, ThingWorx Connection Server
CVSS Scores:
7.8, 8.0, 5.9
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
Critical
PN1500 | PN1500 | FactoryTalk Activation Affected by Sentinel LDK Vulnerabilities
Published Date:
April 23, 2020
Last Updated:
April 23, 2020
CVE IDs:
CVE-2017-12819, CVE-2019-8282, CVE-2017-11497, CVE-2017-11496, CVE-2017-12818, CVE-2017-11498, CVE-2017-12821, CVE-2017-12822, CVE-2019-8283, CVE-2017-12820
Products:
FactoryTalk Activation
CVSS Scores:
7.5, 9.9, 9.8, 5.3
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
PN1499 | PN1499 | RSLinx Classic Privilege Escalation Vulnerability
Published Date:
April 09, 2020
Last Updated:
April 09, 2020
CVE IDs:
CVE-2020-10642
Products:
RSLinx Classic (Single Node
CVSS Scores:
8.8
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
PN1498 | PN1498 | Current Program Updater Vulnerable to Privilege Escalation
Published Date:
April 09, 2020
Last Updated:
April 09, 2020
CVE IDs:
CVE-2017-5176
Products:
Current Program Updater v1.1.0.7
CVSS Scores:
7.0
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
PN1046 | PN1046 | Stratix 5950 Denial of Service Vulnerability
Published Date:
April 07, 2020
Last Updated:
April 07, 2020
CVE IDs:
CVE-2018-0472
Products:
Stratix 5950 Security Appliance
CVSS Scores:
8.6
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
Critical
PN1027 | PN1027 | Stratix 5950 Contains Multiple Vulnerabilities
Published Date:
April 07, 2020
Last Updated:
April 07, 2020
CVE IDs:
CVE-2018-0228, CVE-2018-0296, CVE-2018-0227, CVE-2018-0231, CVE-2018-0240
Products:
Stratix 5950 Security Appliance
CVSS Scores:
7.5, 10.0, 8.6
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
Medium
PN1100 | PN1100 | Stratix 5950 Secure Boot Hardware Tampering Vulnerability
Published Date:
March 10, 2020
Last Updated:
March 10, 2020
CVE IDs:
CVE-2019-1649
Products:
__productNames
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
Critical
PN1411 | PN1411 | MicroLogix Controllers, RSLogix 500 Software Contains Multiple Vulnerabilities Affecting Confidentiality
Published Date:
March 05, 2020
Last Updated:
March 05, 2020
CVE IDs:
CVE-2020-6980, CVE-2020-6990, CVE-2020-6988, CVE-2020-6984
Products:
RSLogix 500
CVSS Scores:
4.0, 5.9, 9.8
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
PN978 | PN978 | PanelView Plus 6 700-1500 (7-15 displays) with Open Test Port
Published Date:
February 11, 2020
Last Updated:
February 11, 2020
Products:
2711P PanelView Plus 6 Logic Modules, 2711P PanelView Plus 6 400-1500
CVSS Scores:
8.6
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
PN937 | PN937 | MicroLogix™ 1400 SNMP Credentials
Published Date:
February 11, 2020
Last Updated:
February 11, 2020
CVE IDs:
CVE-2016-5645
Products:
MicroLogix 1400 SNMP Credentials
CVSS Scores:
7.3
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
PN928 | PN928 | PowerFlex 7000 Writeable Parameters
Published Date:
February 11, 2020
Last Updated:
February 11, 2020
Products:
PowerFlex 7000 Writeable Parameters
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
Medium
PN915 | PN915 | Integrated Architecture Builder (IAB) Access Violation
Published Date:
February 11, 2020
Last Updated:
February 11, 2020
CVE IDs:
CVE-2016-2277
Products:
Integrated Architecture Builder (IAB)
CVSS Scores:
6.3
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
Critical
PN910 | PN910 | MicroLogix 1100 Web Server Buffer Overflow
Published Date:
February 11, 2020
Last Updated:
February 11, 2020
CVE IDs:
CVE-2016-0868
Products:
MicroLogix 1100 Web Server Buffer Overflow
CVSS Scores:
9.8
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
PN907 | PN907 | SCADAPass Default Passwords
Published Date:
February 11, 2020
Last Updated:
February 11, 2020
Products:
2711P PanelView Plus 6 Logic Modules, POINT I/O Communication Interfaces, 2711P PanelView Plus 6 400-1500
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
PN900 | PN900 | Rockwell Automation recommended mitigations for Zero day vulnerability (W32.Stuxnet) to Microsoft® Windows™
Published Date:
February 11, 2020
Last Updated:
February 11, 2020
CVE IDs:
CVE-2010-2568
Products:
RSLinx Classic (Single Node
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
Critical
PN893 | PN893 | MicroLogix 1100 and 1400 Controller Vulnerabilities
Published Date:
February 11, 2020
Last Updated:
February 11, 2020
CVE IDs:
CVE-2015-6492, CVE-2015-6491, CVE-2015-6490, CVE-2015-6486, CVE-2015-6488
Products:
MicroLogix 1100 and 1400 controller
CVSS Scores:
7.5, 3.7, 9.8, 4.6, 4.7
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
Critical
PN889 | PN889 | FT Historian SE OSIsoft PI Data Archive Vulnerabilities
Published Date:
February 11, 2020
Last Updated:
February 11, 2020
Products:
FactoryTalk Historian SE
CVSS Scores:
10
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
PN676 | PN676 | FactoryTalk RnaUtility.dll Vulnerability
Published Date:
February 11, 2020
Last Updated:
February 11, 2020
Products:
FactoryTalk Services Platform
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
Critical
PN567 | PN567 | Client Software Authentication Security Vulnerability in PLC5® and SLC™ 5/0x Controllers
Published Date:
February 11, 2020
Last Updated:
February 11, 2020
Products:
1747-L5x, 1785-Lx
CVSS Scores:
10
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
Critical
PN560 | PN560 | Password Security Vulnerability in MicroLogix™ Controllers
Published Date:
February 11, 2020
Last Updated:
February 11, 2020
Products:
MicroLogix Controllers
CVSS Scores:
10
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
Medium
PN402 | PN402 | ControlLogix 1756-ENBT/A EtherNet/IP Bridge - Potential Security Vulnerability
Published Date:
February 11, 2020
Last Updated:
February 11, 2020
Products:
ControlLogix 1756-ENBT/A Ethernet/IP Bridge
CVSS Scores:
5
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
PN391 | PN391 | ControlLogix 1756-ENBT/A Ethernet/IP Bridge - Potential Security Vulnerabilities
Published Date:
February 11, 2020
Last Updated:
February 11, 2020
Products:
1756 ControlLogix I/O
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
PN359 | PN359 | Firmware Upgrade Security Notice: Comment on DHS Communication (Control Systems Vulnerability in Multiple Sectors)
Published Date:
February 11, 2020
Last Updated:
February 11, 2020
Products:
1756-L72, L73, L74, L75 , 1789 SoftLogi PC
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
Critical
PN1059 | PN1059 | Vulnerabilities Discovered in PowerMonitor 1000 Monitor
Published Date:
August 26, 2019
Last Updated:
August 26, 2019
CVE IDs:
CVE-2018-19615, CVE-2018-19616
Products:
1408 PowerMonitor 1000
CVSS Scores:
9.1, 7.4
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
PN1081 | PN1081 | Ability to gain root-user level access to PanelView 5510 Graphic Terminals
Published Date:
August 02, 2019
Last Updated:
August 02, 2019
CVE IDs:
CVE-2019-10970
Products:
PanelView 5510
CVSS Scores:
7.5
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
Critical
PN1072 | PN1072 | Notice Regarding BlueKeep: Windows Security Vulnerability (CVE-2019-0708)
Published Date:
May 20, 2019
Last Updated:
May 20, 2019
CVE IDs:
CVE-2019-0708
Products:
Third Party, Compliance / Audit Trail / Security, RSBizWare Machine Performance, PLC5/250, ControlPak General, RSWire, ProcessPak, Historian Classic, Security Server, Integration Manager, 6200-PLC3, RSLogix Frameworks, SOS, RSLogix 500, AI-5, dsShopLib, Arena, Foundation Server, Shop Operations, RSLibrary Builder, RSBizWare Coordinator, Reporting (form based), AI-Micro, RSView32 WebServer, AI-3, E-Plan, Database, FactoryTalk ViewPoint, RSData OCX, SPC, Admin Tools, RSView32 SPC, FactoryTalk VantagePoint, App Solutions Documentation, Business Objects, Migration, Master Disk Copy Protection, Studio 5000 View Designer, RSGuardian, RSBizWare Tracker, Raise Software, RSToolPak II, FactoryTalk View SE, Reporting, Interface Manager, DataDisc, MaterialTrack, RSLogix 5, Operator Certification, Live Transfer, ThinManager, ControlView, Advisor, Printing, RSLogix Emulate 5000 / Studio 5000 Logix Emulate, LiveData, Agile, Installation, RSLogix Emulate 500, RSPower, Entek, Knowledge Documentation, RSLogix Emulate 5, PBase, Build Utility, FactoryTalk Services Platform, Shop Operation, Foundation Client, AI-5/250, AI-500, NCR/CAR/IQA, WINtelligent Recipe, RSView32, 6200-PLC5, FactoryTalk Activation, Purge, FactoryTalk Historian SE, RSEnterprise Controls, WINtelligent Logic 5, WSIntegrate, PID Logistics 500, SoftLogix5800, RSMACC, FactoryTalk VantagePoint EMI, RSPowerTools, RSView32 Messenger, FactoryTalk Linx Gateway, Supplier Manager, RSView32 Active Display, Maintenance Releases, 100/150 PCD, Connected Components Workbench, Logix Emulate, ComplianceTrack, RSBizWare Scheduler, RSTools, Portlets, PID Logistics 5, WINtelligent Quality, AI-2, GEMS, Documentation, PLC2A and T3, General Computer, ERP Integration Gateway, ETL, Historical Transfer, ECO, Activities, RSTestStand, RSWorkbench, RS PMX CTM, RSBizWare Line Performance, Production Management Client, RSLadder, Data, RMA, DataSite Workbench, Logix Designer, Thin Client, FactoryTalk Integrator, FactoryTalk Network Manager, AI Emulate 500, RSPower32, AI Emulate 5, Administration, Production Execution Client, 1757 ProcessLogix, WINtelligent View, Installation, JD Edwards, Dashboard, Integrated Architecture Builder (IAB), WINtelligent HMI, PMX, 6200-5/250, eProcedure, RSView - 16 Bit, RSChart, ActiveX Control, FactoryTalk Metrics, TrendX, Universe Manager, FactoryTalk AssetCentre, RSTrend, Knowledge Installation, Sampling Plans, General, RSSidewinderX, Configuration Tool, FactoryTalk Transaction Manager, Consumer Packaged Goods Suite, Studio 5000 Application Code Manager (ACM), API, AI-100/150, PCO Software (6723), Reports (Out-of-box), FactoryTalk Batch, PlantMetrics, FactoryTalk EnergyMetrix, FactoryTalk View ME, SoftLogix5, FactoryTalk Analytics for Machines, Process Designer, WINtelligent Trend, RSPocketLogix, Reports (Custom), Other, 6200-PLC2, Automotive Suite , RSMailman, Quality Assurance (6.x), ICAPA, RSLogix Architect / Studio 5000 Architect, Equipment Manager, GUI, FactoryTalk Analytics for Devices, CtrlContainer, Complaint Handling, RSToolPak I, Server Configuration, Pavilion, RSData VBX, Authentication
CVSS Scores:
9.8
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
Critical
PN950 | PN950 | Logix5000 Programmable Automation Controller Denial of Service/Buffer Overflow Vulnerability
Published Date:
May 13, 2019
Last Updated:
May 13, 2019
CVE IDs:
CVE-2016-9343
Products:
SoftLogix5800, RSLogix Emulate 5000 / Studio 5000 Logix Emulate
CVSS Scores:
10.0
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
PN1040 | PN1040 | CompactLogix 5370 Programmable Automation Controllers Denial of Service Vulnerabilities
Published Date:
April 30, 2019
Last Updated:
April 30, 2019
CVE IDs:
CVE-2019-10952, CVE-2019-10954
Products:
CompactLogix 5370
CVSS Scores:
8.6, 5.3
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
PN1068 | PN1068 | Open Redirect Vulnerability MicroLogix, CompactLogix 5370 Controllers
Published Date:
April 23, 2019
Last Updated:
April 23, 2019
CVE IDs:
CVE-2019-10955
Products:
Compact Logix 5370, MicroLogix
CVSS Scores:
7.1
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
PN1045 | PN1045 | Stratix 5400/5410/5700/8000/8300 Denial of Service Vulnerabilities
Published Date:
April 04, 2019
Last Updated:
April 04, 2019
CVE IDs:
CVE-2018-0466, CVE-2018-0473, CVE-2018-15373, CVE-2018-0470, CVE-2018-0467
Products:
Stratix 8300 L3 Modular Managed Switch, Stratix 8000 Modular Managed Switch, Stratix 5700 Managed Switch, Stratix 5400 Industrial Ethernet Switch, Stratix 5410 Ind Distribution Switch
CVSS Scores:
7.5, 7.4, 8.6
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
Medium
PN1044 | PN1044 | Stratix 5400/5410/5700 Device Reload Vulnerability
Published Date:
April 04, 2019
Last Updated:
April 04, 2019
CVE IDs:
CVE-2018-15377
Products:
Stratix 8300 L3 Modular Managed Switch, Stratix 8000 Modular Managed Switch, Stratix 5700 Managed Switch, Stratix 5400 Industrial Ethernet Switch, Stratix 5410 Ind Distribution Switch
CVSS Scores:
6.8
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
PN977 | PN977 | MicroLogix 1100 Controllers Malformed Packet Denial of Service
Published Date:
April 03, 2019
Last Updated:
April 03, 2019
CVE IDs:
CVE-2017-7924
Products:
MicroLogix 1100 Controllers
CVSS Scores:
7.5
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
PN1043 | PN1043 | PowerFlex 525 AC Drives with Embedded EtherNet/IP Port Communication Denial of Service
Published Date:
March 29, 2019
Last Updated:
February 04, 2025
CVE IDs:
CVE-2018-19282
Products:
PowerFlex 525 AC Drives
CVSS Scores:
7.5
Known Exploited Vulnerability (KEV):
No
Corrected:
Yes
Workaround:
Yes
Más información Less Details Chevron DownChevron Down
Critical
PN1061 | PN1061 | RSLinx Classic Denial of Service/Remote Code Execution Vulnerability
Published Date:
March 04, 2019
Last Updated:
March 04, 2019
CVE IDs:
CVE-2019-6553
Products:
RSLinx Classic (Single Node
CVSS Scores:
9.8
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
Medium
PN1058 | PN1058 | EtherNet/IP Web Server Module SNMP Service Denial of Service
Published Date:
February 06, 2019
Last Updated:
February 06, 2019
CVE IDs:
CVE-2018-19016
Products:
Ethernet/IP Connected Products, 1756 ControlLogix I/O
CVSS Scores:
5.3
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
PN1033 | PN1033 | FactoryTalk Services Platform Denial of Service
Published Date:
November 27, 2018
Last Updated:
November 27, 2018
CVE IDs:
CVE-2018-18981
Products:
FactoryTalk Services Platform, Logix Designer, RSNetWorx, RSLogix Emulate 5000 / Studio 5000 Logix Emulate, FactoryTalk VantagePoint, FactoryTalk Linx Gateway, FactoryTalk Metrics, FactoryTalk View SE, FactoryTalk Historian SE, RSLinx Classic (Single Node, FactoryTalk Linx / RSLinx Enterprise, Studio 5000 View Designer, FactoryTalk AssetCentre, FactoryTalk ViewPoint
CVSS Scores:
7.5
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
PN1042 | PN1042 | MicroLogix 1400 Controllers, 1756 ControlLogix EtherNet/IP Communication Modules Denial of Service
Published Date:
November 06, 2018
Last Updated:
November 06, 2018
Products:
1756 ControlLogix I/O
CVSS Scores:
8.6
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
Medium
PN885 | PN885 | CompactLogix™ and 1756 ControlLogix® Communication Modules Reflective Cross-Site Scripting (XSS) Vulnerability
Published Date:
November 01, 2018
Last Updated:
November 01, 2018
CVE IDs:
CVE-2016-2279
Products:
1756 ControlLogix I/O
CVSS Scores:
6.1
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
PN1011 | PN1011 | Rockwell Automation Briefing on Meltdown and Spectre vulnerabilities.
Published Date:
October 01, 2018
Last Updated:
October 01, 2018
Products:
Third Party, Compliance / Audit Trail / Security, RSBizWare Machine Performance, PLC5/250, ControlPak General, RSWire, ProcessPak, Historian Classic, Security Server, Integration Manager, 6200-PLC3, RSLogix Frameworks, SOS, RSLogix 500, AI-5, dsShopLib, Arena, Foundation Server, Shop Operations, RSLibrary Builder, RSBizWare Coordinator, Reporting (form based), AI-Micro, RSView32 WebServer, AI-3, Database, FactoryTalk ViewPoint, RSData OCX, SPC, Admin Tools, RSView32 SPC, FactoryTalk VantagePoint, App Solutions Documentation, Business Objects, Migration, Master Disk Copy Protection, Studio 5000 View Designer, RSGuardian, RSBizWare Tracker, Raise Software, RSToolPak II, FactoryTalk View SE, Interface Manager, Reporting, DataDisc, MaterialTrack, RSLogix 5, Operator Certification, Live Transfer, ThinManager, Advisor, ControlView, Printing, RSLogix Emulate 5000 / Studio 5000 Logix Emulate, LiveData, Agile, Installation, RSLogix Emulate 500, Knowledge Documentation, RSPower, Entek, RSLogix Emulate 5, PBase, Build Utility, Shop Operation, Foundation Client, AI-5/250, AI-500, NCR/CAR/IQA, WINtelligent Recipe, RSView32, 6200-PLC5, FactoryTalk Activation, Purge, FactoryTalk Historian SE, RSEnterprise Controls, WINtelligent Logic 5, RSPowerTools, WSIntegrate, PID Logistics 500, RSMACC, FactoryTalk VantagePoint EMI, SoftLogix5800, RSView32 Messenger, FactoryTalk Linx Gateway, Supplier Manager, RSView32 Active Display, Maintenance Releases, 100/150 PCD, Connected Components Workbench, ComplianceTrack, RSTools, Portlets, RSBizWare Scheduler, WINtelligent Quality, PID Logistics 5, AI-2, GEMS, Documentation, PLC2A and T3, General Computer, Activities, ETL, ERP Integration Gateway, ECO, Historical Transfer, RS PMX CTM, RSTestStand, RSWorkbench, RSBizWare Line Performance, Production Management Client, RSLadder, Data, RMA, Thin Client, DataSite Workbench, Logix Designer, FactoryTalk Integrator, AI Emulate 500, RSPower32, AI Emulate 5, Administration, Production Execution Client, 1757 ProcessLogix, WINtelligent View, Installation, JD Edwards, Dashboard, Integrated Architecture Builder (IAB), WINtelligent HMI, PMX, 6200-5/250, eProcedure, RSView - 16 Bit, ActiveX Control, FactoryTalk Metrics, RSChart, TrendX, Universe Manager, Authentication, FactoryTalk AssetCentre, RSTrend, Knowledge Installation, Sampling Plans, General, RSSidewinderX, Configuration Tool, FactoryTalk Transaction Manager, Consumer Packaged Goods Suite, Studio 5000 Application Code Manager (ACM), AI-100/150, PlantMetrics, API, PCO Software (6723), Reports (Out-of-box), FactoryTalk Batch, FactoryTalk EnergyMetrix, FactoryTalk View ME, SoftLogix5, FactoryTalk Analytics for Machines, Process Designer, WINtelligent Trend, RSPocketLogix, Other, Reports (Custom), 6200-PLC2, RSMailman, Automotive Suite , Quality Assurance (6.x), ICAPA, RSLogix Architect / Studio 5000 Architect, Equipment Manager, GUI, FactoryTalk Analytics for Devices, PlantPAx, CtrlContainer, Complaint Handling, RSToolPak I, Server Configuration, Pavilion, RSData VBX, FactoryTalk Services Platform
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
PN715 | PN715 | Advisory on web search tools that identify ICS devices and systems connected to the Internet
Published Date:
September 20, 2018
Last Updated:
September 20, 2018
Products:
Ethernet/IP Connected Products
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
Critical
PN1037 | PN1037 | RSLinx Classic Heap and Buffer Overflow Vulnerabilities
Published Date:
September 20, 2018
Last Updated:
September 20, 2018
CVE IDs:
CVE-2018-14829, CVE-2018-14827, CVE-2018-14821
Products:
RSLinx Classic (Single Node
CVSS Scores:
7.5, 10.0, 8.6
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
Critical
PN1018 | PN1018 | FactoryTalk Activation Manager Vulnerabilities
Published Date:
July 20, 2018
Last Updated:
July 20, 2018
CVE IDs:
CVE-2017-13754, CVE-2015-8277
Products:
FactoryTalk Transaction Manager, Logix Designer, RSNetWorx, RSLogix Emulate 5000 / Studio 5000 Logix Emulate, FactoryTalk Linx Gateway, FactoryTalk Metrics, FactoryTalk EnergyMetrix, RSLinx Classic (Single Node, RSLogix 5, FactoryTalk Activation, Studio 5000 View Designer, Logix Emulate, FactoryTalk AssetCentre, FactoryTalk Historian SE, RSLogix 500
CVSS Scores:
2.7, 9.8
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
PN1026 | PN1026 | RSLinx Classic and FactoryTalk Linx Gateway Privilege Escalation through Unquoted Service Path
Published Date:
June 07, 2018
Last Updated:
June 07, 2018
CVE IDs:
CVE-2018-10619
Products:
FactoryTalk Linx Gateway, RSLinx Classic (Single Node
CVSS Scores:
8.8
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
Medium
PN1024 | PN1024 | Arena Simulation Software Denial of Service
Published Date:
May 10, 2018
Last Updated:
May 10, 2018
Products:
Arena
CVSS Scores:
5.5
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
Critical
PN1021 | PN1021 | Stratix 8300 Denial of Service and Remote Code Execution Vulnerabilities
Published Date:
April 16, 2018
Last Updated:
April 16, 2018
CVE IDs:
CVE-2018-0174, CVE-2018-0171, CVE-2018-0167, CVE-2018-0175, CVE-2018-0173, CVE-2018-0172, CVE-2018-0155, CVE-2018-0156
Products:
Stratix 8300 L3 Modular Managed Switch
CVSS Scores:
8.8, 9.8, 8.6
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
Critical
PN1020 | PN1020 | Stratix 5900 Denial of Service and Remote Code Execution Vulnerabilities
Published Date:
April 16, 2018
Last Updated:
April 16, 2018
CVE IDs:
CVE-2018-0151, CVE-2018-0175, CVE-2018-0167, CVE-2018-0158
Products:
Stratix 5900 Services Router
CVSS Scores:
8.8, 9.8, 8.6
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
Critical
PN1019 | PN1019 | Stratix 5400/5410/5700/8000 Denial of Service and Remote Code Execution Vulnerabilities
Published Date:
April 16, 2018
Last Updated:
April 16, 2018
CVE IDs:
CVE-2018-0174, CVE-2018-0171, CVE-2018-0167, CVE-2018-0175, CVE-2018-0173, CVE-2018-0172, CVE-2018-0158, CVE-2018-0156
Products:
ArmorStratix 5700 Managed Switch, Stratix 8000 Modular Managed Switch, Stratix 5700 Managed Switch, Stratix 5400 Industrial Ethernet Switch, Stratix 5410 Ind Distribution Switch
CVSS Scores:
8.8, 9.8, 8.6
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
PN1015 | PN1015 | MicroLogix Controller Vulnerabilities
Published Date:
March 28, 2018
Last Updated:
March 28, 2018
CVE IDs:
CVE-2017-12093, CVE-2017-14471, CVE-2017-14467, CVE-2017-14472, CVE-2017-14473, CVE-2017-14462, CVE-2017-14468, CVE-2017-14463, CVE-2017-14466, CVE-2017-12092, CVE-2017-12090, CVE-2017-14465, CVE-2017-14470, CVE-2017-12089, CVE-2017-14469, CVE-2017-12088, CVE-2017-14464
Products:
MicroLogix 1401
CVSS Scores:
3.7, 6.8, 6.3, 8.6
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
PN1010 | PN1010 | MicroLogix 1400 Modbus TCP Buffer Overflow Denial of Service
Published Date:
December 22, 2017
Last Updated:
December 22, 2017
Products:
MicroLogix 1400
CVSS Scores:
8.6
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
PN1000 | PN1000 | FactoryTalk Alarms and Events Historian Denial of Service
Published Date:
December 07, 2017
Last Updated:
December 07, 2017
CVE IDs:
CVE-2017-14022
Products:
FactoryTalk Services Platform, FactoryTalk View SE, Logix Designer
CVSS Scores:
7.5
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
Medium
PN1003 | PN1003 | Stratix 5100 Wireless Access Point/Workgroup Bridge affected by Key Reinstallation Attacks (KRACK) research paper
Published Date:
November 06, 2017
Last Updated:
November 06, 2017
CVE IDs:
CVE-2017-13082
Products:
Stratix 5100 WAP/Workgroup Bridge
CVSS Scores:
6.9
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
PN991 | PN991 | Stratix SNMP Packet Remote Code Execution Vulnerabilities
Published Date:
November 02, 2017
Last Updated:
November 02, 2017
CVE IDs:
CVE-2017-6741, CVE-2017-6744, CVE-2017-6743, CVE-2017-6740, CVE-2017-6738, CVE-2017-6737, CVE-2017-6742, CVE-2017-6739, CVE-2017-6736
Products:
Stratix 8300 L3 Modular Managed Switch, Stratix 8000 Modular Managed Switch, Stratix 5700 Managed Switch, Stratix 5400 Industrial Ethernet Switch, Stratix 5900 Services Router, Stratix 5410 Ind Distribution Switch
CVSS Scores:
8.8
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
Critical
PN962 | PN962 | Stratix CMP Remote Code Execution Vulnerability
Published Date:
November 02, 2017
Last Updated:
November 02, 2017
CVE IDs:
CVE-2017-3881
Products:
Stratix 8300 L3 Modular Managed Switch, Stratix 8000 Modular Managed Switch, Stratix 5700 Managed Switch, Stratix 5410 Ind Distribution Switch, Stratix 5400 Industrial Ethernet Switch, ArmorStratix 5700 Managed Switch
CVSS Scores:
9.8
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
PN958 | PN958 | FactoryTalk Activation Unquoted Service Path Privilege Escalation
Published Date:
August 24, 2017
Last Updated:
August 24, 2017
Products:
FactoryTalk Activation
CVSS Scores:
8.8
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
PN1493 | PN1493 | Rockwell Automation Recommended Mitigations for the “Petya” Malware
Published Date:
June 30, 2017
Last Updated:
June 30, 2017
Products:
Third Party, Compliance / Audit Trail / Security, 6181X Hazardous Non-Display, RSBizWare Machine Performance, PLC5/250, ControlPak General, RSWire, PanelView Plus 6 Compact, ProcessPak, Historian Classic, Security Server, Integration Manager, 6200-PLC3, RSLogix Frameworks, SOS, RSLogix 500, AI-5, dsShopLib, Arena, Foundation Server, Shop Operations, RSLibrary Builder, RSBizWare Coordinator, Reporting (form based), AI-Micro, RSView32 WebServer, AI-3, Database, FactoryTalk ViewPoint, RSData OCX, 6186M Performance Monitor, SPC, Admin Tools, RSView32 SPC, FactoryTalk VantagePoint, App Solutions Documentation, 6176M Standard Monitor, Business Objects, 2711T MobileView Tethered, Migration, Master Disk Copy Protection, Studio 5000 View Designer, RSGuardian, RSBizWare Tracker, 650R Non-Display Computers, RSToolPak II, Raise Software, 750R Non-Display Computers, FactoryTalk View SE, Reporting, Interface Manager, PanelView 800, DataDisc, RSLogix 5, Operator Certification, Live Transfer, MaterialTrack, ThinManager, 2711T MobileView Accessories, 6181 Computers, 1450R Non-Display Computers, ControlView, Advisor, Printing, RSLogix Emulate 5000 / Studio 5000 Logix Emulate, LiveData, Agile, 2711P PanelView Plus 7 Performance, Installation, RSLogix Emulate 500, Knowledge Documentation, PBase, RSLogix Emulate 5, RSPower, Entek, Build Utility, Shop Operation, Foundation Client, AI-5/250, AI-500, NCR/CAR/IQA, WINtelligent Recipe, RSView32, 6200-PLC5, FactoryTalk Activation, Purge, FactoryTalk Historian SE, RSEnterprise Controls, WINtelligent Logic 5, WSIntegrate, PID Logistics 500, SoftLogix5800, FactoryTalk VantagePoint EMI, RSMACC, RSPowerTools, RSView32 Messenger, FactoryTalk Linx Gateway, Supplier Manager, RSView32 Active Display, Maintenance Releases, Connected Components Workbench, 100/150 PCD, ComplianceTrack, PanelView Component, RSTools, Portlets, RSBizWare Scheduler, PID Logistics 5, WINtelligent Quality, AI-2, GEMS, ERP Integration Gateway, General Computer, PLC2A and T3, Activities, ETL, Historical Transfer, ECO, Documentation, RSWorkbench, RSTestStand, RS PMX CTM, 6180 Computers with Keypad, RSBizWare Line Performance, Production Management Client, RSLadder, RMA, Data, Thin Client, Logix Designer, DataSite Workbench, FactoryTalk Integrator, AI Emulate 500, RSPower32, Legacy, AI Emulate 5, 2711P PanelView Plus 6 Logic Modules, Administration, 6155 Compact Computers, Production Execution Client, PanelView 5000, 1757 ProcessLogix, WINtelligent View, Installation, JD Edwards, Dashboard, Integrated Architecture Builder (IAB), 6181X Hazardous Integrated Display, PMX, WINtelligent HMI, 6200-5/250, eProcedure, RSView - 16 Bit, RSChart, ActiveX Control, FactoryTalk Metrics, TrendX, Universe Manager, Authentication, FactoryTalk AssetCentre, RSTrend, Knowledge Installation, Sampling Plans, 2711P PanelView Plus 7 Standard, General, RSSidewinderX, Configuration Tool, FactoryTalk Transaction Manager, Consumer Packaged Goods Suite, Studio 5000 Application Code Manager (ACM), Reports (Out-of-box), PlantMetrics, PCO Software (6723), API, FactoryTalk Batch, AI-100/150, FactoryTalk EnergyMetrix, FactoryTalk View ME, SoftLogix5, FactoryTalk Analytics for Machines, Legacy, WINtelligent Trend, Process Designer, RSPocketLogix, Reports (Custom), Other, 6200-PLC2, Automotive Suite , RSMailman, Quality Assurance (6.x), ICAPA, RSLogix Architect / Studio 5000 Architect, Equipment Manager, GUI, FactoryTalk Analytics for Devices, PlantPAx, CtrlContainer, 2711P PanelView Plus 6 400-1500, Complaint Handling, RSToolPak I, Server Configuration, Pavilion, RSData VBX, FactoryTalk Services Platform
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
PN1492 | PN1492 | Rockwell Automation Recommended Mitigations For “WannaCry” Ransomware
Published Date:
May 18, 2017
Last Updated:
May 18, 2017
Products:
Third Party, Compliance / Audit Trail / Security, 6181X Hazardous Non-Display, RSBizWare Machine Performance, PLC5/250, ControlPak General, RSWire, ProcessPak, Historian Classic, Security Server, Integration Manager, 6200-PLC3, RSLogix Frameworks, SOS, RSLogix 500, AI-5, dsShopLib, Arena, Foundation Server, Shop Operations, RSLibrary Builder, RSBizWare Coordinator, Reporting (form based), AI-Micro, RSView32 WebServer, AI-3, Database, FactoryTalk ViewPoint, RSData OCX, SPC, Admin Tools, RSView32 SPC, FactoryTalk VantagePoint, App Solutions Documentation, Business Objects, Migration, Master Disk Copy Protection, Studio 5000 View Designer, RSGuardian, RSBizWare Tracker, 650R Non-Display Computers, RSToolPak II, Raise Software, 750R Non-Display Computers, FactoryTalk View SE, Reporting, Interface Manager, DataDisc, MaterialTrack, RSLogix 5, Operator Certification, Live Transfer, ThinManager, 6181 Computers, 1450R Non-Display Computers, Advisor, ControlView, Printing, RSLogix Emulate 5000 / Studio 5000 Logix Emulate, LiveData, Agile, Installation, RSLogix Emulate 500, PBase, Knowledge Documentation, RSLogix Emulate 5, RSPower, Entek, Build Utility, Shop Operation, Foundation Client, AI-5/250, AI-500, NCR/CAR/IQA, WINtelligent Recipe, RSView32, 6200-PLC5, FactoryTalk Activation, Purge, FactoryTalk Historian SE, RSEnterprise Controls, WINtelligent Logic 5, WSIntegrate, RSPowerTools, SoftLogix5800, FactoryTalk VantagePoint EMI, RSMACC, PID Logistics 500, RSView32 Messenger, FactoryTalk Linx Gateway, Supplier Manager, RSView32 Active Display, Maintenance Releases, Connected Components Workbench, 100/150 PCD, ComplianceTrack, RSTools, Portlets, RSBizWare Scheduler, PID Logistics 5, WINtelligent Quality, AI-2, GEMS, Documentation, PLC2A and T3, General Computer, Activities, ETL, Historical Transfer, ECO, ERP Integration Gateway, RS PMX CTM, RSTestStand, RSWorkbench, 6180 Computers with Keypad, RSBizWare Line Performance, Production Management Client, RSLadder, RMA, Data, Thin Client, DataSite Workbench, Logix Designer, FactoryTalk Integrator, AI Emulate 500, RSPower32, Legacy, AI Emulate 5, Administration, 6155 Compact Computers, Production Execution Client, 1757 ProcessLogix, WINtelligent View, Installation, JD Edwards, Dashboard, 6181X Hazardous Integrated Display, Integrated Architecture Builder (IAB), WINtelligent HMI, PMX, 6200-5/250, eProcedure, RSView - 16 Bit, ActiveX Control, FactoryTalk Metrics, RSChart, TrendX, Universe Manager, Authentication, FactoryTalk AssetCentre, RSTrend, Knowledge Installation, Sampling Plans, General, RSSidewinderX, Configuration Tool, FactoryTalk Transaction Manager, Consumer Packaged Goods Suite, Studio 5000 Application Code Manager (ACM), AI-100/150, PlantMetrics, API, FactoryTalk Batch, PCO Software (6723), Reports (Out-of-box), FactoryTalk EnergyMetrix, FactoryTalk View ME, SoftLogix5, FactoryTalk Analytics for Machines, Legacy, Process Designer, WINtelligent Trend, RSPocketLogix, Reports (Custom), Other, 6200-PLC2, Automotive Suite , RSMailman, Quality Assurance (6.x), ICAPA, RSLogix Architect / Studio 5000 Architect, Equipment Manager, GUI, FactoryTalk Analytics for Devices, PlantPAx, CtrlContainer, Complaint Handling, RSToolPak I, Server Configuration, Pavilion, RSData VBX, FactoryTalk Services Platform
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
Critical
PN946 | PN946 | Stratix® Denial of Service Vulnerabilities
Published Date:
April 26, 2017
Last Updated:
April 26, 2017
CVE IDs:
CVE-2016-6380, CVE-2016-6385, CVE-2016-6382, CVE-2016-6393
Products:
ArmorStratix 5700 Managed Switch, Stratix 8000 Modular Managed Switch, Stratix 5700 Managed Switch, Stratix 5400 Industrial Ethernet Switch, Stratix 5410 Ind Distribution Switch
CVSS Scores:
9.9, 8.6
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
Critical
PN967 | PN967 | MicroLogix Controller v21 Security Updates
Published Date:
April 25, 2017
Last Updated:
April 25, 2017
CVE IDs:
CVE-2017-7902, CVE-2017-7901, CVE-2017-7899, CVE-2017-7898, CVE-2017-7903
Products:
MicroLogix Controller
CVSS Scores:
5.4, 8.1, 3.1, 9.8
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
Medium
PN966 | PN966 | ControlLogix 5580 and CompactLogix 5380 Programmable Automation Controller Denial of Service
Published Date:
April 04, 2017
Last Updated:
April 04, 2017
CVE IDs:
CVE-2017-6024
Products:
ControlLogix 5580 and Compact Logix 5380 Progammable Automation Controller
CVSS Scores:
6.8
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
PN965 | PN965 | Stratix 5900 Security Updates
Published Date:
April 04, 2017
Last Updated:
April 04, 2017
CVE IDs:
CVE-2015-1787, CVE-2014-0195, CVE-2014-2109, CVE-2014-3566, CVE-2016-1344, CVE-2015-7702, CVE-2015-7871, CVE-2014-2106, CVE-2015-0207, CVE-2016-6393, CVE-2014-3360, CVE-2014-2112, CVE-2016-6380, CVE-2015-7691, CVE-2015-7692, CVE-2015-7849, CVE-2015-0290, CVE-2014-0224, CVE-2015-7701, CVE-2014-3470, CVE-2014-2113, CVE-2014-2108, CVE-2015-7704, CVE-2016-6415, CVE-2014-2111, CVE-2015-0642, CVE-2015-1798, CVE-2014-0221, CVE-2015-0292, CVE-2015-0293, CVE-2015-7854, CVE-2014-0076, CVE-2015-0646, CVE-2014-3361, CVE-2016-6381, CVE-2016-1409, CVE-2015-7855, CVE-2015-0291, CVE-2015-7850, CVE-2016-6384, CVE-2014-3356, CVE-2014-3354, CVE-2014-3355, CVE-2014-3299, CVE-2015-7848, CVE-2015-0289, CVE-2015-7705, CVE-2015-7703, CVE-2015-7851, CVE-2015-1799, CVE-2016-6382, CVE-2014-3359, CVE-2015-0287, CVE-2010-5298, CVE-2015-7852, CVE-2015-0209, CVE-2015-0288, CVE-2015-0285, CVE-2014-0198, CVE-2015-0643, CVE-2015-7853, CVE-2016-1350
Products:
Stratix 5900 Services Router
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
PN959 | PN959 | Connected Components Workbench™ Software Dynamic Link Library (DLL) Hijack
Published Date:
February 16, 2017
Last Updated:
February 16, 2017
Products:
Connected Components Workbench
CVSS Scores:
7.0
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
PN938 | PN938 | RSLogix 500® and RSLogix™ Micro File Parser Buffer Overflow
Published Date:
February 14, 2017
Last Updated:
February 14, 2017
CVE IDs:
CVE-2016-5814
Products:
RSLogix 500
CVSS Scores:
8.6
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
Medium
PN949 | PN949 | MicroLogix Controller Vulnerabilities
Published Date:
December 01, 2016
Last Updated:
December 01, 2016
CVE IDs:
CVE-2016-9338, CVE-2016-9334
Products:
MicroLogix Controller
CVSS Scores:
6.5, 2.7
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
Medium
PN929 | PN929 | Stratix® 5400 and Stratix 5410 ICMP IPv4 Packet Corruption Vulnerability
Published Date:
June 23, 2016
Last Updated:
June 23, 2016
Products:
Stratix 5400 Industrial Ethernet Switch, Stratix 5410 Ind Distribution Switch
CVSS Scores:
5.8
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
PN930 | PN930 | FactoryTalk® EnergyMetrix™ Authentication Vulnerabilities
Published Date:
June 21, 2016
Last Updated:
June 21, 2016
CVE IDs:
CVE-2016-4522, CVE-2016-4531
Products:
FactoryTalk EnergyMetrix
CVSS Scores:
7.3
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
PN886 | PN886 | MicroLogix Web Redirect Vulnerability
Published Date:
September 17, 2015
Last Updated:
September 17, 2015
Products:
MicroLogix Web Redirect
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
Medium
PN869 | PN869 | RSView32 Weak Encryption Algorithm on Passwords
Published Date:
April 30, 2015
Last Updated:
April 30, 2015
Products:
RSView32
CVSS Scores:
4.9
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
Medium
PN852 | PN852 | RSLinx Classic File Input Buffer Overflow in OpcTest.exe
Published Date:
April 20, 2015
Last Updated:
April 20, 2015
Products:
RSLinx Classic (Single Node
CVSS Scores:
6.9
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
Medium
PN851 | PN851 | FactoryTalk Services Platform and FactoryTalk View Studio DLL Hijacking Vulnerability
Published Date:
February 12, 2015
Last Updated:
February 12, 2015
Products:
FactoryTalk View SE, FactoryTalk View ME
CVSS Scores:
6.9
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
PN841 | PN841 | Connected Components Workbench (CCW) ActiveX Component Vulnerability
Published Date:
November 03, 2014
Last Updated:
November 03, 2014
Products:
Connected Components Workbench
CVSS Scores:
7.5
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
PN836 | PN836 | MicroLogix 1400 DNP3 Denial of Service Vulnerability
Published Date:
September 09, 2014
Last Updated:
September 09, 2014
Products:
MicroLogix 1400 DNP3
CVSS Scores:
7.5
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
Medium
PN792 | PN792 | FactoryTalk Activation Manager Unnecessary Third-party Service
Published Date:
November 08, 2013
Last Updated:
November 08, 2013
Products:
Third Party, FactoryTalk Services Platform
CVSS Scores:
5.3
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
PN744 | PN744 | MicroLogix, SLC 500 and PLC5 Controller Vulnerability
Published Date:
August 02, 2013
Last Updated:
August 02, 2013
Products:
MicroLogix, SLC 500 and PLC5 Controller Vulnerability
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
PN759 | PN759 | FactoryTalk Diagnostics and RSLinx Enterprise Software Vulnerability
Published Date:
June 28, 2013
Last Updated:
June 28, 2013
Products:
FactoryTalk Linx / RSLinx Enterprise
CVSS Scores:
7.8
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
PN758 | PN758 | Stratix 5700, 8000 and 8300 Weak Password Vulnerability
Published Date:
April 02, 2013
Last Updated:
April 02, 2013
Products:
Ethernet/IP Network
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
Critical
PN561 | PN561 | Client Software Authentication Security Vulnerability in MicroLogix™ Controllers
Published Date:
March 19, 2013
Last Updated:
March 19, 2013
Products:
MicroLogix Controllers
CVSS Scores:
10
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
Critical
PN690 | PN690 | EtherNet/IP™ Product Vulnerabilities
Published Date:
January 03, 2013
Last Updated:
January 13, 2025
CVE IDs:
CVE-2012-6439, CVE-2012-6441, CVE-2012-6442 , CVE-2012-6438, CVE-2012-6437
Products:
Ethernet/IP Network
CVSS Scores:
10.0, 7.8, 8.5
Known Exploited Vulnerability (KEV):
No
Corrected:
Yes
Workaround:
Yes
Más información Less Details Chevron DownChevron Down
PN753 | PN753 | Vulnerability claims relating to FactoryTalk Services and RSLogix 5000 Software
Published Date:
November 29, 2012
Last Updated:
November 29, 2012
Products:
Logix Designer
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
Medium
PN750 | PN750 | FactoryTalk® Historian SE Security Vulnerability from PI OPC DA software interface
Published Date:
November 02, 2012
Last Updated:
November 02, 2012
Products:
FactoryTalk Historian SE
CVSS Scores:
6.3
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
Critical
PN692 | PN692 | MicroLogix™ 1100 and 1400 Controller Vulnerability
Published Date:
July 18, 2012
Last Updated:
January 13, 2025
CVE IDs:
CVE-2012-6440
Products:
MicroLogix 1100 and 1400 controller
CVSS Scores:
9.3
Known Exploited Vulnerability (KEV):
No
Corrected:
Yes
Workaround:
Yes
Más información Less Details Chevron DownChevron Down
High
PN691 | PN691 | Rockwell Automation Logix™ Controller Vulnerabilities
Published Date:
July 18, 2012
Last Updated:
January 13, 2025
CVE IDs:
CVE-2012-6436, CVE-2012-6435
Products:
ControlLogix, CompactLogix, GuardLogix, SoftLogix
CVSS Scores:
7.8
Known Exploited Vulnerability (KEV):
No
Corrected:
Yes
Workaround:
Yes
Más información Less Details Chevron DownChevron Down
Medium
PN687 | PN687 | FactoryTalk™ Diagnostics Receiver Service Vulnerability
Published Date:
February 15, 2012
Last Updated:
February 15, 2012
Products:
FactoryTalk Services Platform
CVSS Scores:
5
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
PN675 | PN675 | RSLogix 5000 Software Potential Denial-of-Service Vulnerability
Published Date:
September 13, 2011
Last Updated:
September 13, 2011
Products:
Logix Designer
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
PN1643 | PN1643 | 1756-EN2TR and 1756-EN3TR Open UDP Port Vulnerability
Published Date:
September 12, 2011
Last Updated:
September 12, 2011
Products:
1756 - EN2TR and 1756-EN3TR
CVSS Scores:
7.5
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
Medium
PN670 | PN670 | RSLogix 5000 .ACD Project File Memory Corruption Anomaly
Published Date:
July 26, 2011
Last Updated:
July 26, 2011
Products:
Logix Designer
CVSS Scores:
5.5
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
PN656 | PN656 | RSLinx Classic OPC Automation ActiveX component vulnerability could allow arbitrary code execution
Published Date:
June 28, 2011
Last Updated:
June 28, 2011
Products:
RSLinx Classic (Single Node
CVSS Scores:
8.4
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
PN657 | PN657 | Opening a corrupted FactoryTalk Diagnostics Viewer Configuration file (*.ftd) could cause arbitrary code execution
Published Date:
June 24, 2011
Last Updated:
June 24, 2011
Products:
FactoryTalk View SE, FactoryTalk Transaction Manager, FactoryTalk View ME
CVSS Scores:
7.5
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
PN649 | PN649 | ControlLogix 1756-EWEB Enhanced Web Server Firmware Upgrade Security Vulnerability
Published Date:
June 15, 2011
Last Updated:
June 15, 2011
Products:
Ethernet/IP Network, 1756 ControlLogix I/O
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
Critical
PN648 | PN648 | ControlLogix 1756-EN2T EtherNet/IP Bridge Firmware Upgrade Security Vulnerability
Published Date:
June 15, 2011
Last Updated:
June 15, 2011
Products:
Ethernet/IP Network, 1756 ControlLogix I/O
CVSS Scores:
10
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
PN647 | PN647 | ControlLogix 1756-EWEB Enhanced Web Server FTP Server Security Vulnerability
Published Date:
June 15, 2011
Last Updated:
June 15, 2011
Products:
Ethernet/IP Network, 1756 ControlLogix I/O
CVSS Scores:
7.5
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
Critical
PN646 | PN646 | RSLinx Classic™ EDS Wizard Buffer Overflow Vulnerability - May 24, 2011
Published Date:
May 24, 2011
Last Updated:
May 24, 2011
Products:
RSLinx Classic
CVSS Scores:
9.3
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
PN641 | PN641 | Security vulnerability in password mechanism of MicroLogix™ 1100 and 1400 Controllers
Published Date:
May 17, 2011
Last Updated:
May 17, 2011
Products:
1763-L16xxx, 1766-L32xxx
CVSS Scores:
7.5
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
High
PN1644 | PN1644 | Open UDP Port in 1756-ENBT EtherNet/IP™ Communication Interface
Published Date:
July 06, 2010
Last Updated:
July 06, 2010
Products:
1756-ENBT
CVSS Scores:
7.5
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
Critical
PN570 | PN570 | RSLinx Classic™ EDS Wizard Buffer Overflow Vulnerability - March 3, 2010
Published Date:
March 03, 2010
Last Updated:
March 03, 2010
Products:
RSLinx Classic (Single Node
CVSS Scores:
9.3
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
Critical
PN566 | PN566 | Password Security Vulnerability in PLC5® and SLC™ 5/0x Controllers
Published Date:
February 02, 2010
Last Updated:
February 02, 2010
Products:
1785-L11B, 1785-L20B, 1785-L30B, 1785-L40L, 1785-L60B, 1785-L60L, 1785-L80B
CVSS Scores:
10
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Más información Less Details Chevron DownChevron Down
  • 15
  • 30
  • 45
  • 60
15
1
-
15
de
263

Report a Security Concern

There was a problem with your submission. Please review the error messages above for help with completing the form.

To provide attachments please communicate securely with us via PSIRT@rockwellautomation.com using our PGP Public Key Block.