Filtered by vendor Rockwellautomation
Subscribe
Total
237 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-2465 | 1 Rockwellautomation | 1 Isagraf Workbench | 2024-02-04 | N/A | 7.8 HIGH |
Rockwell Automation ISaGRAF Workbench software versions 6.0 through 6.6.9 are affected by a Deserialization of Untrusted Data vulnerability. ISaGRAF Workbench does not limit the objects that can be deserialized. This vulnerability allows attackers to craft a malicious serialized object that, if opened by a local user in ISaGRAF Workbench, may result in remote code execution. This vulnerability requires user interaction to be successfully exploited. | |||||
CVE-2022-38744 | 1 Rockwellautomation | 1 Factorytalk Alarms And Events | 2024-02-04 | N/A | 7.5 HIGH |
An unauthenticated attacker with network access to a victim's Rockwell Automation FactoryTalk Alarm and Events service could open a connection, causing the service to fault and become unavailable. The affected port could be used as a server ping port and uses messages structured with XML. | |||||
CVE-2022-38743 | 1 Rockwellautomation | 1 Factorytalk Vantagepoint | 2024-02-04 | N/A | 8.8 HIGH |
Rockwell Automation FactoryTalk VantagePoint versions 8.0, 8.10, 8.20, 8.30, 8.31 are vulnerable to an improper access control vulnerability. The FactoryTalk VantagePoint SQL Server account could allow a malicious user with read-only privileges to execute SQL statements in the back-end database. If successfully exploited, this could allow the attacker to execute arbitrary code and gain access to restricted data. | |||||
CVE-2022-3158 | 1 Rockwellautomation | 1 Factorytalk Vantagepoint | 2024-02-04 | N/A | 8.8 HIGH |
Rockwell Automation FactoryTalk VantagePoint versions 8.0, 8.10, 8.20, 8.30, 8.31 are vulnerable to an input validation vulnerability. The FactoryTalk VantagePoint SQL Server lacks input validation when users enter SQL statements to retrieve information from the back-end database. If successfully exploited, this could allow a user with basic user privileges to perform remote code execution on the server. | |||||
CVE-2020-6998 | 1 Rockwellautomation | 18 Armor Compact Guardlogix 5370, Armor Compact Guardlogix 5370 Firmware, Compact Guardlogix 5370 and 15 more | 2024-02-04 | N/A | 8.6 HIGH |
The connection establishment algorithm found in Rockwell Automation CompactLogix 5370 and ControlLogix 5570 versions 33 and prior does not sufficiently manage its control flow during execution, creating an infinite loop. This may allow an attacker to send specially crafted CIP packet requests to a controller, which may cause denial-of-service conditions in communications with other products. | |||||
CVE-2022-2464 | 1 Rockwellautomation | 1 Isagraf Workbench | 2024-02-04 | N/A | 7.8 HIGH |
Rockwell Automation ISaGRAF Workbench software versions 6.0 through 6.6.9 are affected by a Path Traversal vulnerability. Crafted malicious files can allow an attacker to traverse the file system when opened by ISaGRAF Workbench. If successfully exploited, an attacker could overwrite existing files and create additional files with the same permissions of the ISaGRAF Workbench software. User interaction is required for this exploit to be successful. | |||||
CVE-2022-1161 | 1 Rockwellautomation | 48 Compact Guardlogix 5370, Compact Guardlogix 5370 Firmware, Compact Guardlogix 5380 and 45 more | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
An attacker with the ability to modify a user program may change user program code on some ControlLogix, CompactLogix, and GuardLogix Control systems. Studio 5000 Logix Designer writes user-readable program code to a separate location than the executed compiled code, allowing an attacker to change one and not the other. | |||||
CVE-2021-27476 | 1 Rockwellautomation | 1 Factorytalk Assetcentre | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
A vulnerability exists in the SaveConfigFile function of the RACompare Service, which may allow for OS command injection. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary commands in Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier. | |||||
CVE-2021-27471 | 1 Rockwellautomation | 1 Connected Components Workbench | 2024-02-04 | 6.8 MEDIUM | 8.6 HIGH |
The parsing mechanism that processes certain file types does not provide input sanitization for file paths. This may allow an attacker to craft malicious files that, when opened by Rockwell Automation Connected Components Workbench v12.00.00 and prior, can traverse the file system. If successfully exploited, an attacker could overwrite existing files and create additional files with the same permissions of the Connected Components Workbench software. User interaction is required for this exploit to be successful. | |||||
CVE-2021-27464 | 1 Rockwellautomation | 1 Factorytalk Assetcentre | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
The ArchiveService.rem service in Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier exposes functions lacking proper authentication. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary SQL statements. | |||||
CVE-2022-1018 | 1 Rockwellautomation | 3 Connected Components Workbench, Isagraf, Safety Instrumented Systems Workstation | 2024-02-04 | 4.3 MEDIUM | 5.5 MEDIUM |
When opening a malicious solution file provided by an attacker, the application suffers from an XML external entity vulnerability due to an unsafe call within a dynamic link library file. An attacker could exploit this to pass data from local files to a remote web server, leading to a loss of confidentiality. | |||||
CVE-2020-25178 | 3 Rockwellautomation, Schneider-electric, Xylem | 31 Aadvance Controller, Isagraf Free Runtime, Isagraf Runtime and 28 more | 2024-02-04 | 9.3 HIGH | 8.8 HIGH |
ISaGRAF Workbench communicates with Rockwell Automation ISaGRAF Runtime Versions 4.x and 5.x using TCP/IP. This communication protocol provides various file system operations, as well as the uploading of applications. Data is transferred over this protocol unencrypted, which could allow a remote unauthenticated attacker to upload, read, and delete files. | |||||
CVE-2020-14478 | 1 Rockwellautomation | 1 Factorytalk Services Platform | 2024-02-04 | 5.6 MEDIUM | 7.1 HIGH |
A local, authenticated attacker could use an XML External Entity (XXE) attack to exploit weakly configured XML files to access local or remote content. A successful exploit could potentially cause a denial-of-service condition and allow the attacker to arbitrarily read any local file via system-level services. | |||||
CVE-2021-27460 | 1 Rockwellautomation | 1 Factorytalk Assetcentre | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier components contain .NET remoting endpoints that deserialize untrusted data without sufficiently verifying that the resulting data will be valid. This vulnerability may allow a remote, unauthenticated attacker to gain full access to the FactoryTalk AssetCentre main server and all agent machines. | |||||
CVE-2021-32960 | 1 Rockwellautomation | 1 Factorytalk Services Platform | 2024-02-04 | 6.0 MEDIUM | 8.8 HIGH |
Rockwell Automation FactoryTalk Services Platform v6.11 and earlier, if FactoryTalk Security is enabled and deployed contains a vulnerability that may allow a remote, authenticated attacker to bypass FactoryTalk Security policies based on the computer name. If successfully exploited, this may allow an attacker to have the same privileges as if they were logged on to the client machine. | |||||
CVE-2020-14480 | 1 Rockwellautomation | 1 Factorytalk View | 2024-02-04 | 2.1 LOW | 5.5 MEDIUM |
Due to usernames/passwords being stored in plaintext in Random Access Memory (RAM), a local, authenticated attacker could gain access to certain credentials, including Windows Logon credentials. | |||||
CVE-2021-27474 | 1 Rockwellautomation | 1 Factorytalk Assetcentre | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier does not properly restrict all functions relating to IIS remoting services. This vulnerability may allow a remote, unauthenticated attacker to modify sensitive data in FactoryTalk AssetCentre. | |||||
CVE-2020-25176 | 3 Rockwellautomation, Schneider-electric, Xylem | 31 Aadvance Controller, Isagraf Free Runtime, Isagraf Runtime and 28 more | 2024-02-04 | 9.3 HIGH | 9.8 CRITICAL |
Some commands used by the Rockwell Automation ISaGRAF Runtime Versions 4.x and 5.x eXchange Layer (IXL) protocol perform various file operations in the file system. Since the parameter pointing to the file name is not checked for reserved characters, it is possible for a remote, unauthenticated attacker to traverse an application’s directory, which could lead to remote code execution. | |||||
CVE-2020-14481 | 1 Rockwellautomation | 1 Factorytalk View | 2024-02-04 | 2.1 LOW | 7.8 HIGH |
The DeskLock tool provided with FactoryTalk View SE uses a weak encryption algorithm that may allow a local, authenticated attacker to decipher user credentials, including the Windows user or Windows DeskLock passwords. If the compromised user has an administrative account, an attacker could gain full access to the user’s operating system and certain components of FactoryTalk View SE. | |||||
CVE-2020-25184 | 3 Rockwellautomation, Schneider-electric, Xylem | 31 Aadvance Controller, Isagraf Free Runtime, Isagraf Runtime and 28 more | 2024-02-04 | 2.1 LOW | 5.5 MEDIUM |
Rockwell Automation ISaGRAF Runtime Versions 4.x and 5.x stores the password in plaintext in a file that is in the same directory as the executable file. ISaGRAF Runtime reads the file and saves the data in a variable without any additional modification. A local, unauthenticated attacker could compromise the user passwords, resulting in information disclosure. |