Vulmon
rockwellautomation vulnerabilities and exploits
4.3
CVSSv2
CVE-2020-14502
The web interface of the 1734-AENTR communication module is vulnerable to stored XSS. A remote, unauthenticated attacker could store a malicious script within the web interface that, when executed, could modify some string values on the homepage of the web interface.
Rockwellautomation 1734-aentr Point I/o Dual Port Network Adaptor Series B Firmware
Rockwellautomation 1734-aentr Point I/o Dual Port Network Adaptor Series C Firmware 6.011
Rockwellautomation 1734-aentr Point I/o Dual Port Network Adaptor Series C Firmware 6.012
5
CVSSv2
CVE-2020-14504
The web interface of the 1734-AENTR communication module mishandles authentication for HTTP POST requests. A remote, unauthenticated attacker can send a crafted request that may allow for modification of the configuration settings.
Rockwellautomation 1734-aentr Point I/o Dual Port Network Adaptor Series B Firmware
Rockwellautomation 1734-aentr Point I/o Dual Port Network Adaptor Series C Firmware 6.011
Rockwellautomation 1734-aentr Point I/o Dual Port Network Adaptor Series C Firmware 6.012
6.9
CVSSv2
CVE-2016-2277
IAB.exe in Rockwell Automation Integrated Architecture Builder (IAB) prior to 9.6.0.8 and 9.7.x prior to 9.7.0.2 allows remote malicious users to execute arbitrary code via a crafted project file.
Rockwellautomation Integrated Architecture Builder 9.7.0.1
Rockwellautomation Integrated Architecture Builder 9.7.0.0
Rockwellautomation Integrated Architecture Builder
6.9
CVSSv2
CVE-2011-2957
Unspecified vulnerability in Rockwell Automation FactoryTalk Diagnostics Viewer before V2.30.00 (CPR9 SR3) allows local users to execute arbitrary code via a crafted FactoryTalk Diagnostics Viewer (.ftd) configuration file, which triggers memory corruption.
Rockwellautomation Factorytalk Diagnostics Viewer 2.10.01
Rockwellautomation Factorytalk Diagnostics Viewer 2.10
Rockwellautomation Factorytalk Diagnostics Viewer
4.6
CVSSv2
CVE-2018-10619
An unquoted search path or element in RSLinx Classic Versions 3.90.01 and prior and FactoryTalk Linx Gateway Versions 3.90.00 and prior may allow an authorized, but non-privileged local user to execute arbitrary code and allow a threat actor to escalate user privileges on the aff...
Rockwellautomation Rslinx Classic
Rockwellautomation Factorytalk Linx Gateway
1 EDB exploit
NA
CVE-2023-2914
The Rockwell Automation Thinmanager Thinserver is impacted by an improper input validation vulnerability: an integer overflow condition exists in the affected products. When the ThinManager processes incoming messages, a read access violation occurs and terminates the process. A ...
Rockwellautomation Thinmanager Thinserver 13.1.0
Rockwellautomation Thinmanager Thinserver
NA
CVE-2023-2915
The Rockwell Automation Thinmanager Thinserver is impacted by an improper input validation vulnerability. Due to improper input validation, a path traversal vulnerability exists when the ThinManager software processes a certain function. If exploited, an unauthenticated remote th...
Rockwellautomation Thinmanager Thinserver 13.1.0
Rockwellautomation Thinmanager Thinserver
NA
CVE-2023-2917
The Rockwell Automation Thinmanager Thinserver is impacted by an improper input validation vulnerability. Due to improper input validation, a path traversal vulnerability exists, via the filename field, when the ThinManager processes a certain function. If exploited, an unauth...
Rockwellautomation Thinmanager Thinserver 13.1.0
Rockwellautomation Thinmanager Thinserver
2.1
CVSSv2
CVE-2020-14480
Due to usernames/passwords being stored in plaintext in Random Access Memory (RAM), a local, authenticated attacker could gain access to certain credentials, including Windows Logon credentials.
Rockwellautomation Factorytalk View
Rockwellautomation Factorytalk View 10.0
2.1
CVSSv2
CVE-2020-14481
The DeskLock tool provided with FactoryTalk View SE uses a weak encryption algorithm that may allow a local, authenticated malicious user to decipher user credentials, including the Windows user or Windows DeskLock passwords. If the compromised user has an administrative account,...
Rockwellautomation Factorytalk View
Rockwellautomation Factorytalk View 10.0