Vulnerabilities > Rockwellautomation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-09-20 | CVE-2023-2262 | Out-of-bounds Write vulnerability in Rockwellautomation products A buffer overflow vulnerability exists in the Rockwell Automation select 1756-EN* communication devices. | 9.8 |
| 2023-09-12 | CVE-2023-29463 | Improper Authentication vulnerability in Rockwellautomation Pavilion8 The JMX Console within the Rockwell Automation Pavilion8 is exposed to application users and does not require authentication. | 5.4 |
| 2023-09-12 | CVE-2023-2071 | Unrestricted Upload of File with Dangerous Type vulnerability in Rockwellautomation Factorytalk View Rockwell Automation FactoryTalk View Machine Edition on the PanelView Plus, improperly verifies user’s input, which allows unauthenticated attacker to achieve remote code executed via crafted malicious packets. | 9.8 |
| 2023-08-17 | CVE-2023-2914 | Integer Overflow or Wraparound vulnerability in Rockwellautomation Thinmanager Thinserver 13.1.0 The Rockwell Automation Thinmanager Thinserver is impacted by an improper input validation vulnerability, an integer overflow condition exists in the affected products. | 7.5 |
| 2023-08-17 | CVE-2023-2915 | Path Traversal vulnerability in Rockwellautomation Thinmanager Thinserver 13.1.0 The Rockwell Automation Thinmanager Thinserver is impacted by an improper input validation vulnerability, Due to improper input validation, a path traversal vulnerability exists when the ThinManager software processes a certain function. | 9.1 |
| 2023-08-17 | CVE-2023-2917 | Path Traversal vulnerability in Rockwellautomation Thinmanager Thinserver 13.1.0 The Rockwell Automation Thinmanager Thinserver is impacted by an improper input validation vulnerability. Due to an improper input validation, a path traversal vulnerability exists, via the filename field, when the ThinManager processes a certain function. | 9.8 |
| 2023-08-08 | CVE-2023-2423 | Incorrect Calculation vulnerability in Rockwellautomation Armor Powerflex Firmware A vulnerability was discovered in the Rockwell Automation Armor PowerFlex device when the product sends communications to the local event log. | 7.5 |
| 2023-07-18 | CVE-2023-2913 | Path Traversal vulnerability in Rockwellautomation Thinmanager 13.0.0/13.0.1/13.0.2 An executable used in Rockwell Automation ThinManager ThinServer can be configured to enable an API feature in the HTTPS Server Settings. | 6.5 |
| 2023-07-18 | CVE-2023-2263 | Resource Exhaustion vulnerability in Rockwellautomation Kinetix 5700 Firmware 13.001 The Rockwell Automation Kinetix 5700 DC Bus Power Supply Series A is vulnerable to CIP fuzzing. | 7.5 |
| 2023-07-12 | CVE-2023-3595 | Out-of-bounds Write vulnerability in Rockwellautomation products Where this vulnerability exists in the Rockwell Automation 1756 EN2* and 1756 EN3* ControlLogix communication products, it could allow a malicious user to perform remote code execution with persistence on the target system through maliciously crafted CIP messages. | 9.8 |