Vulnerabilities > Rockwellautomation > Compactlogix 5380 Firmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-14 | CVE-2024-6207 | Unspecified vulnerability in Rockwellautomation products CVE 2021-22681 https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.PN1550.html and send a specially crafted CIP message to the device. | 7.5 |
| 2024-10-08 | CVE-2024-8626 | Memory Leak vulnerability in Rockwellautomation products Due to a memory leak, a denial-of-service vulnerability exists in the Rockwell Automation affected products. | 7.5 |
| 2024-09-12 | CVE-2024-6077 | Unspecified vulnerability in Rockwellautomation products A denial-of-service vulnerability exists in the Rockwell Automation affected products when specially crafted packets are sent to the CIP Security Object. | 7.5 |
| 2024-08-14 | CVE-2024-7507 | Unspecified vulnerability in Rockwellautomation products CVE-2024-7507 IMPACT A denial-of-service vulnerability exists in the affected products. | 6.5 |
| 2024-08-14 | CVE-2024-7515 | Unspecified vulnerability in Rockwellautomation products CVE-2024-7515 IMPACT A denial-of-service vulnerability exists in the affected products. | 7.5 |
| 2024-06-14 | CVE-2024-5659 | Unspecified vulnerability in Rockwellautomation products Rockwell Automation was made aware of a vulnerability that causes all affected controllers on the same network to result in a major nonrecoverable fault(MNRF/Assert). low complexity rockwellautomation | 6.5 |
| 2024-04-15 | CVE-2024-3493 | Unspecified vulnerability in Rockwellautomation products A specific malformed fragmented packet type (fragmented packets may be generated automatically by devices that send large amounts of data) can cause a major nonrecoverable fault (MNRF) Rockwell Automation's ControlLogix 5580, Guard Logix 5580, CompactLogix 5380, and 1756-EN4TR. | 7.5 |
| 2022-12-19 | CVE-2022-3752 | Unspecified vulnerability in Rockwellautomation products An unauthorized user could use a specially crafted sequence of Ethernet/IP messages, combined with heavy traffic loading to cause a denial-of-service condition in Rockwell Automation Logix controllers resulting in a major non-recoverable fault. | 7.5 |
| 2022-06-02 | CVE-2022-1797 | Unspecified vulnerability in Rockwellautomation products A malformed Class 3 common industrial protocol message with a cached connection can cause a denial-of-service condition in Rockwell Automation Logix Controllers, resulting in a major nonrecoverable fault. | 8.6 |
| 2022-04-11 | CVE-2022-1161 | Unspecified vulnerability in Rockwellautomation products An attacker with the ability to modify a user program may change user program code on some ControlLogix, CompactLogix, and GuardLogix Control systems. | 9.8 |