rockwellautomation vulnerabilities and exploits
9.8
CVSSv3
CVE-2023-27855
In affected versions, a path traversal exists when processing a message in Rockwell Automation's ThinManager ThinServer. An unauthenticated remote attacker could potentially exploit this vulnerability to upload arbitrary files to any directory on the disk drive where ThinSe...
Rockwellautomation Thinmanager
Rockwellautomation Thinmanager 13.0.0
Rockwellautomation Thinmanager 13.0.1
9.8
CVSSv3
CVE-2023-0754
The affected products are vulnerable to an integer overflow or wraparound, which could allow a malicious user to crash the server and remotely execute arbitrary code.
Rockwellautomation Kepserver Enterprise
Ptc Thingworx Kepware Edge
Ptc Thingworx .net-sdk
Ptc Thingworx Edge C-sdk
Ptc Thingworx Edge Microserver
Ptc Kepware Serverex
Ge Digital Industrial Gateway Server
Ptc Kepware Server
Ptc Thingworx Industrial Connectivity
9.8
CVSSv3
CVE-2023-0755
The affected products are vulnerable to an improper validation of array index, which could allow a malicious user to crash the server and remotely execute arbitrary code.
Ptc Thingworx Industrial Connectivity
Rockwellautomation Kepserver Enterprise
Ptc Thingworx Kepware Edge
Ptc Thingworx .net-sdk
Ptc Thingworx Edge C-sdk
Ptc Thingworx Edge Microserver
Ptc Kepware Serverex
Ge Digital Industrial Gateway Server
Ptc Kepware Server
9.8
CVSSv3
CVE-2022-38742
Rockwell Automation ThinManager ThinServer versions 11.0.0 - 13.0.0 are vulnerable to a heap-based buffer overflow. An attacker could send a specifically crafted TFTP or HTTPS request, causing a heap-based buffer overflow that crashes the ThinServer process. If successfully exploi...
Rockwellautomation Thinmanager
9.8
CVSSv3
CVE-2022-1161
An attacker with the ability to modify a user program may change user program code on some ControlLogix, CompactLogix, and GuardLogix Control systems. Studio 5000 Logix Designer writes user-readable program code to a separate location from the executed compiled code, allowing an ...
Rockwellautomation Compactlogix 1768-l43 Firmware
Rockwellautomation Compactlogix 1768-l45 Firmware
Rockwellautomation Compactlogix 1769-l31 Firmware
Rockwellautomation Compactlogix 1769-l32c Firmware
Rockwellautomation Compactlogix 1769-l32e Firmware
Rockwellautomation Compactlogix 1769-l35cr Firmware
Rockwellautomation Compactlogix 1769-l35e Firmware
Rockwellautomation Compactlogix 5370 L3 Firmware
Rockwellautomation Compactlogix 5370 L2 Firmware
Rockwellautomation Compactlogix 5370 L1 Firmware
Rockwellautomation Compactlogix 5380 Firmware
Rockwellautomation Compactlogix 5480 Firmware
Rockwellautomation Compact Guardlogix 5370 Firmware
Rockwellautomation Compact Guardlogix 5380 Firmware
Rockwellautomation Controllogix 5550 Firmware
Rockwellautomation Controllogix 5560 Firmware
Rockwellautomation Controllogix 5570 Firmware
Rockwellautomation Controllogix 5580 Firmware
Rockwellautomation Guardlogix 5560 Firmware
Rockwellautomation Guardlogix 5570 Firmware
Rockwellautomation Guardlogix 5580 Firmware
Rockwellautomation Flexlogix 1794-l34 Firmware
9.8
CVSSv3
CVE-2021-27460
Components of Rockwell Automation FactoryTalk AssetCentre v10.00 and previous versions contain .NET remoting endpoints that deserialize untrusted data without sufficiently verifying that the resulting data will be valid. This vulnerability may allow a remote, unauthenticated malicio...
Rockwellautomation Factorytalk Assetcentre
9.8
CVSSv3
CVE-2021-27462
A deserialization vulnerability exists in how the AosService.rem service in Rockwell Automation FactoryTalk AssetCentre v10.00 and previous versions verifies serialized data. This vulnerability may allow a remote, unauthenticated malicious user to execute arbitrary commands in Fa...
Rockwellautomation Factorytalk Assetcentre
9.8
CVSSv3
CVE-2021-27464
The ArchiveService.rem service in Rockwell Automation FactoryTalk AssetCentre v10.00 and previous versions exposes functions lacking proper authentication. This vulnerability may allow a remote, unauthenticated malicious user to execute arbitrary SQL statements.
Rockwellautomation Factorytalk Assetcentre
9.8
CVSSv3
CVE-2021-27468
The AosService.rem service in Rockwell Automation FactoryTalk AssetCentre v10.00 and previous versions exposes functions lacking proper authentication. This vulnerability may allow a remote, unauthenticated malicious user to execute arbitrary SQL statements.
Rockwellautomation Factorytalk Assetcentre
9.8
CVSSv3
CVE-2021-27470
A deserialization vulnerability exists in how the LogService.rem service in Rockwell Automation FactoryTalk AssetCentre v10.00 and previous versions verifies serialized data. This vulnerability may allow a remote, unauthenticated malicious user to execute arbitrary commands in Fa...
Rockwellautomation Factorytalk Assetcentre