Vulnerabilities > Rockwellautomation > Factorytalk View > 10.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-05-16 | CVE-2024-4609 | SQL Injection vulnerability in Rockwellautomation Factorytalk View 10.0 A vulnerability exists in the Rockwell Automation FactoryTalk® View SE Datalog function that could allow a threat actor to inject a malicious SQL statement if the SQL database has no authentication in place or if legitimate credentials were stolen. | 9.8 |
| 2022-02-24 | CVE-2020-14480 | Cleartext Storage of Sensitive Information vulnerability in Rockwellautomation Factorytalk View 10.0 Due to usernames/passwords being stored in plaintext in Random Access Memory (RAM), a local, authenticated attacker could gain access to certain credentials, including Windows Logon credentials. | 5.5 |
| 2022-02-24 | CVE-2020-14481 | Inadequate Encryption Strength vulnerability in Rockwellautomation Factorytalk View 10.0 The DeskLock tool provided with FactoryTalk View SE uses a weak encryption algorithm that may allow a local, authenticated attacker to decipher user credentials, including the Windows user or Windows DeskLock passwords. | 7.8 |