Vulnerabilities > Rockwellautomation

DATE CVE VULNERABILITY TITLE RISK
2024-12-05 CVE-2024-11156 Out-of-bounds Write vulnerability in Rockwellautomation Arena
An “out of bounds write” code execution vulnerability exists in the Rockwell Automation Arena® that could allow a threat actor to write beyond the boundaries of allocated memory in a DOE file.
local
low complexity
rockwellautomation CWE-787
7.8
2024-12-05 CVE-2024-12130 Out-of-bounds Read vulnerability in Rockwellautomation Arena
An “out of bounds read” code execution vulnerability exists in the Rockwell Automation Arena® that could allow a threat actor to craft a DOE file and force the software to read beyond the boundaries of an allocated memory.
local
low complexity
rockwellautomation CWE-125
7.8
2024-10-25 CVE-2024-10386 Unspecified vulnerability in Rockwellautomation Thinmanager
CVE-2024-10386 IMPACT An authentication vulnerability exists in the affected product.
network
low complexity
rockwellautomation
critical
9.8
2024-10-25 CVE-2024-10387 Unspecified vulnerability in Rockwellautomation Thinmanager
CVE-2024-10387 IMPACT A Denial-of-Service vulnerability exists in the affected product.
network
low complexity
rockwellautomation
7.5
2024-10-14 CVE-2024-6207 Unspecified vulnerability in Rockwellautomation products
CVE 2021-22681 https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.PN1550.html  and send a specially crafted CIP message to the device.
network
low complexity
rockwellautomation
7.5
2024-09-12 CVE-2024-7960 Unspecified vulnerability in Rockwellautomation Pavilion8 5.20
The Rockwell Automation affected product contains a vulnerability that allows a threat actor to view sensitive information and change settings.
network
low complexity
rockwellautomation
critical
9.1
2024-09-12 CVE-2024-7961 Path Traversal vulnerability in Rockwellautomation Pavilion8 5.20
A path traversal vulnerability exists in the Rockwell Automation affected product.
network
low complexity
rockwellautomation CWE-22
critical
9.8
2024-09-12 CVE-2024-6077 Unspecified vulnerability in Rockwellautomation products
A denial-of-service vulnerability exists in the Rockwell Automation affected products when specially crafted packets are sent to the CIP Security Object.
network
low complexity
rockwellautomation
7.5
2024-09-12 CVE-2024-8533 Incorrect Default Permissions vulnerability in Rockwellautomation products
A privilege escalation vulnerability exists in the Rockwell Automation affected products.
network
low complexity
rockwellautomation CWE-276
8.8
2024-09-12 CVE-2024-45823 Unspecified vulnerability in Rockwellautomation Factorytalk Batch View 2.01.00
CVE-2024-45823 IMPACT An authentication bypass vulnerability exists in the affected product.
network
low complexity
rockwellautomation
critical
9.8