Vulnerabilities > Rockwellautomation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-12-19 | CVE-2024-11157 | Out-of-bounds Write vulnerability in Rockwellautomation Arena A third-party vulnerability exists in the Rockwell Automation Arena® that could allow a threat actor to write beyond the boundaries of allocated memory in a DOE file. | 7.3 |
| 2024-12-19 | CVE-2024-11364 | Use of Uninitialized Resource vulnerability in Rockwellautomation Arena Another “uninitialized variable” code execution vulnerability exists in the Rockwell Automation Arena® that could allow a threat actor to craft a DOE file and force the software to access a variable prior to it being initialized. | 7.3 |
| 2024-12-19 | CVE-2024-12175 | Use After Free vulnerability in Rockwellautomation Arena Another “use after free” code execution vulnerability exists in the Rockwell Automation Arena® that could allow a threat actor to craft a DOE file and force the software to use a resource that was already used. | 7.8 |
| 2024-12-05 | CVE-2024-11156 | Out-of-bounds Write vulnerability in Rockwellautomation Arena An “out of bounds write” code execution vulnerability exists in the Rockwell Automation Arena® that could allow a threat actor to write beyond the boundaries of allocated memory in a DOE file. | 7.8 |
| 2024-12-05 | CVE-2024-12130 | Out-of-bounds Read vulnerability in Rockwellautomation Arena An “out of bounds read” code execution vulnerability exists in the Rockwell Automation Arena® that could allow a threat actor to craft a DOE file and force the software to read beyond the boundaries of an allocated memory. | 7.8 |
| 2024-10-25 | CVE-2024-10386 | Unspecified vulnerability in Rockwellautomation Thinmanager CVE-2024-10386 IMPACT An authentication vulnerability exists in the affected product. | 9.8 |
| 2024-10-25 | CVE-2024-10387 | Unspecified vulnerability in Rockwellautomation Thinmanager CVE-2024-10387 IMPACT A Denial-of-Service vulnerability exists in the affected product. | 7.5 |
| 2024-10-14 | CVE-2024-6207 | Unspecified vulnerability in Rockwellautomation products CVE 2021-22681 https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.PN1550.html and send a specially crafted CIP message to the device. | 7.5 |
| 2024-09-12 | CVE-2024-7960 | Unspecified vulnerability in Rockwellautomation Pavilion8 5.20 The Rockwell Automation affected product contains a vulnerability that allows a threat actor to view sensitive information and change settings. | 9.1 |
| 2024-09-12 | CVE-2024-7961 | Path Traversal vulnerability in Rockwellautomation Pavilion8 5.20 A path traversal vulnerability exists in the Rockwell Automation affected product. | 9.8 |