Vulnerabilities > Rockwellautomation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-19 | CVE-2022-3752 | Unspecified vulnerability in Rockwellautomation products An unauthorized user could use a specially crafted sequence of Ethernet/IP messages, combined with heavy traffic loading to cause a denial-of-service condition in Rockwell Automation Logix controllers resulting in a major non-recoverable fault. | 7.5 |
| 2022-12-16 | CVE-2022-3157 | Unspecified vulnerability in Rockwellautomation products A vulnerability exists in the Rockwell Automation controllers that allows a malformed CIP request to cause a major non-recoverable fault (MNRF) and a denial-of-service condition (DOS). | 7.5 |
| 2022-12-16 | CVE-2022-46670 | Cross-site Scripting vulnerability in Rockwellautomation products Rockwell Automation was made aware of a vulnerability by a security researcher from Georgia Institute of Technology that the MicroLogix 1100 and 1400 controllers contain a vulnerability that may give an attacker the ability to accomplish remote code execution. | 6.1 |
| 2022-12-16 | CVE-2022-3166 | Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability in Rockwellautomation Micrologix 1100 Firmware and Micrologix 1400 Firmware Rockwell Automation was made aware that the webservers of the Micrologix 1100 and 1400 controllers contain a vulnerability that may lead to a denial-of-service condition. | 7.5 |
| 2022-10-27 | CVE-2022-38744 | Improper Authentication vulnerability in Rockwellautomation Factorytalk Alarms and Events An unauthenticated attacker with network access to a victim's Rockwell Automation FactoryTalk Alarm and Events service could open a connection, causing the service to fault and become unavailable. | 7.5 |
| 2022-10-17 | CVE-2022-3158 | SQL Injection vulnerability in Rockwellautomation Factorytalk Vantagepoint Rockwell Automation FactoryTalk VantagePoint versions 8.0, 8.10, 8.20, 8.30, 8.31 are vulnerable to an input validation vulnerability. | 8.8 |
| 2022-10-17 | CVE-2022-38743 | Unspecified vulnerability in Rockwellautomation Factorytalk Vantagepoint Rockwell Automation FactoryTalk VantagePoint versions 8.0, 8.10, 8.20, 8.30, 8.31 are vulnerable to an improper access control vulnerability. | 8.8 |
| 2022-09-23 | CVE-2022-38742 | Out-of-bounds Write vulnerability in Rockwellautomation Thinmanager Rockwell Automation ThinManager ThinServer versions 11.0.0 - 13.0.0 is vulnerable to a heap-based buffer overflow. | 9.8 |
| 2022-08-25 | CVE-2022-2463 | Unspecified vulnerability in Rockwellautomation Isagraf Workbench 6.0/6.6.9 Rockwell Automation ISaGRAF Workbench software versions 6.0 through 6.6.9 are affected by a Path Traversal vulnerability. | 7.8 |
| 2022-08-25 | CVE-2022-2464 | Unspecified vulnerability in Rockwellautomation Isagraf Workbench 6.0/6.6.9 Rockwell Automation ISaGRAF Workbench software versions 6.0 through 6.6.9 are affected by a Path Traversal vulnerability. | 7.8 |