Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
rockwellautomation isagraf vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-2463
Rockwell Automation ISaGRAF Workbench software versions 6.0 up to and including 6.6.9 are affected by a Path Traversal vulnerability. A crafted malicious .7z exchange file may allow an malicious user to gain the privileges of the ISaGRAF Workbench software when opened. If the sof...
Rockwellautomation Isagraf Workbench
NA
CVE-2022-2464
Rockwell Automation ISaGRAF Workbench software versions 6.0 up to and including 6.6.9 are affected by a Path Traversal vulnerability. Crafted malicious files can allow an malicious user to traverse the file system when opened by ISaGRAF Workbench. If successfully exploited, an at...
Rockwellautomation Isagraf Workbench
NA
CVE-2022-2465
Rockwell Automation ISaGRAF Workbench software versions 6.0 up to and including 6.6.9 are affected by a Deserialization of Untrusted Data vulnerability. ISaGRAF Workbench does not limit the objects that can be deserialized. This vulnerability allows malicious users to craft a mal...
Rockwellautomation Isagraf Workbench
4.3
CVSSv2
CVE-2022-1018
When opening a malicious solution file provided by an attacker, the application suffers from an XML external entity vulnerability due to an unsafe call within a dynamic link library file. An attacker could exploit this to pass data from local files to a remote web server, leading...
Rockwellautomation Connected Components Workbench
Rockwellautomation Isagraf
Rockwellautomation Safety Instrumented Systems Workstation
6.8
CVSSv2
CVE-2022-1118
Connected Components Workbench (v13.00.00 and prior), ISaGRAF Workbench (v6.0 though v6.6.9), and Safety Instrumented System Workstation (v1.2 and prior (for Trusted Controllers)) do not limit the objects that can be deserialized. This allows malicious users to craft a malicious ...
Rockwellautomation Safety Instrumented Systems Workstation
Rockwellautomation Isagraf Workbench
Rockwellautomation Connected Component Workbench
9.3
CVSSv2
CVE-2020-25178
ISaGRAF Workbench communicates with Rockwell Automation ISaGRAF Runtime Versions 4.x and 5.x using TCP/IP. This communication protocol provides various file system operations, as well as the uploading of applications. Data is transferred over this protocol unencrypted, which coul...
Schneider-electric Easergy T300 Firmware
Schneider-electric Easergy C5 Firmware
Schneider-electric Micom C264 Firmware
Schneider-electric Pacis Gtw Firmware 5.1
Schneider-electric Pacis Gtw Firmware 5.2
Schneider-electric Pacis Gtw Firmware 6.1
Schneider-electric Pacis Gtw Firmware 6.3
Schneider-electric Saitel Dp Firmware
Schneider-electric Epas Gtw Firmware 6.4
Schneider-electric Saitel Dr Firmware
Schneider-electric Scd2200 Firmware
Rockwellautomation Aadvance Controller
Rockwellautomation Isagraf Free Runtime
Rockwellautomation Isagraf Runtime
Rockwellautomation Micro810 Firmware -
Rockwellautomation Micro820 Firmware -
Rockwellautomation Micro830 Firmware -
Rockwellautomation Micro850 Firmware -
Rockwellautomation Micro870 Firmware -
Xylem Multismart Firmware
4.6
CVSSv2
CVE-2020-25182
Rockwell Automation ISaGRAF Runtime Versions 4.x and 5.x searches for and loads DLLs as dynamic libraries. Uncontrolled loading of dynamic libraries could allow a local, unauthenticated malicious user to execute arbitrary code. This vulnerability only affects ISaGRAF Runtime when...
Schneider-electric Easergy T300 Firmware
Schneider-electric Easergy C5 Firmware
Schneider-electric Micom C264 Firmware
Schneider-electric Pacis Gtw Firmware 5.1
Schneider-electric Pacis Gtw Firmware 5.2
Schneider-electric Pacis Gtw Firmware 6.1
Schneider-electric Pacis Gtw Firmware 6.3
Schneider-electric Saitel Dp Firmware
Schneider-electric Epas Gtw Firmware 6.4
Schneider-electric Saitel Dr Firmware
Schneider-electric Scd2200 Firmware
Rockwellautomation Aadvance Controller
Rockwellautomation Isagraf Free Runtime
Rockwellautomation Micro810 Firmware -
Rockwellautomation Micro820 Firmware -
Rockwellautomation Micro830 Firmware -
Rockwellautomation Micro850 Firmware -
Rockwellautomation Micro870 Firmware -
Xylem Multismart Firmware
Rockwellautomation Isagraf Runtime
2.1
CVSSv2
CVE-2020-25184
Rockwell Automation ISaGRAF Runtime Versions 4.x and 5.x stores the password in plaintext in a file that is in the same directory as the executable file. ISaGRAF Runtime reads the file and saves the data in a variable without any additional modification. A local, unauthenticated ...
Schneider-electric Easergy T300 Firmware
Schneider-electric Easergy C5 Firmware
Schneider-electric Micom C264 Firmware
Schneider-electric Pacis Gtw Firmware 5.1
Schneider-electric Pacis Gtw Firmware 5.2
Schneider-electric Pacis Gtw Firmware 6.1
Schneider-electric Pacis Gtw Firmware 6.3
Schneider-electric Saitel Dp Firmware
Schneider-electric Epas Gtw Firmware 6.4
Schneider-electric Saitel Dr Firmware
Schneider-electric Scd2200 Firmware
Rockwellautomation Isagraf Free Runtime
Rockwellautomation Aadvance Controller
Rockwellautomation Isagraf Runtime
Rockwellautomation Micro810 Firmware -
Rockwellautomation Micro820 Firmware -
Rockwellautomation Micro830 Firmware -
Rockwellautomation Micro850 Firmware -
Rockwellautomation Micro870 Firmware -
Xylem Multismart Firmware
9.3
CVSSv2
CVE-2020-25176
Some commands used by the Rockwell Automation ISaGRAF Runtime Versions 4.x and 5.x eXchange Layer (IXL) protocol perform various file operations in the file system. Since the parameter pointing to the file name is not checked for reserved characters, it is possible for a remote, ...
Schneider-electric Easergy T300 Firmware
Schneider-electric Easergy C5 Firmware
Schneider-electric Micom C264 Firmware
Schneider-electric Pacis Gtw Firmware 5.1
Schneider-electric Pacis Gtw Firmware 5.2
Schneider-electric Pacis Gtw Firmware 6.1
Schneider-electric Pacis Gtw Firmware 6.3
Schneider-electric Saitel Dp Firmware
Schneider-electric Epas Gtw Firmware 6.4
Schneider-electric Saitel Dr Firmware
Schneider-electric Scd2200 Firmware
Rockwellautomation Aadvance Controller
Rockwellautomation Isagraf Free Runtime
Rockwellautomation Isagraf Runtime
Rockwellautomation Micro810 Firmware -
Rockwellautomation Micro820 Firmware -
Rockwellautomation Micro830 Firmware -
Rockwellautomation Micro850 Firmware -
Rockwellautomation Micro870 Firmware -
Xylem Multismart Firmware
4.3
CVSSv2
CVE-2020-25180
Rockwell Automation ISaGRAF Runtime Versions 4.x and 5.x includes the functionality of setting a password that is required to execute privileged commands. The password value passed to ISaGRAF Runtime is the result of encryption performed with a fixed key value using the tiny encr...
Schneider-electric Easergy T300 Firmware
Schneider-electric Easergy C5 Firmware
Schneider-electric Micom C264 Firmware
Schneider-electric Pacis Gtw Firmware 5.1
Schneider-electric Pacis Gtw Firmware 5.2
Schneider-electric Pacis Gtw Firmware 6.1
Schneider-electric Pacis Gtw Firmware 6.3
Schneider-electric Saitel Dp Firmware
Schneider-electric Epas Gtw Firmware 6.4
Schneider-electric Saitel Dr Firmware
Schneider-electric Scd2200 Firmware
Rockwellautomation Aadvance Controller
Rockwellautomation Isagraf Free Runtime
Rockwellautomation Isagraf Runtime
Rockwellautomation Micro810 Firmware -
Rockwellautomation Micro820 Firmware -
Rockwellautomation Micro830 Firmware -
Rockwellautomation Micro850 Firmware -
Rockwellautomation Micro870 Firmware -
Xylem Multismart Firmware
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started