Vulnerabilities > Rockwellautomation

DATE CVE VULNERABILITY TITLE RISK
2018-09-20 CVE-2018-14829 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Rockwellautomation Rslinx
Rockwell Automation RSLinx Classic Versions 4.00.01 and prior.
network
low complexity
rockwellautomation CWE-119
critical
9.8
2018-09-20 CVE-2018-14827 Resource Exhaustion vulnerability in Rockwellautomation Rslinx
Rockwell Automation RSLinx Classic Versions 4.00.01 and prior.
network
low complexity
rockwellautomation CWE-400
7.5
2018-09-20 CVE-2018-14821 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Rockwellautomation Rslinx
Rockwell Automation RSLinx Classic Versions 4.00.01 and prior.
network
low complexity
rockwellautomation CWE-119
7.5
2018-06-25 CVE-2017-9312 Improper Input Validation vulnerability in Rockwellautomation Allen-Bradley L30Erms Firmware 30
Improperly implemented option-field processing in the TCP/IP stack on Allen-Bradley L30ERMS safety devices v30 and earlier causes a denial of service.
network
low complexity
rockwellautomation CWE-20
7.5
2018-06-07 CVE-2018-10619 Unquoted Search Path or Element vulnerability in Rockwellautomation Factorytalk Linx Gateway and Rslinx Classic
An unquoted search path or element in RSLinx Classic Versions 3.90.01 and prior and FactoryTalk Linx Gateway Versions 3.90.00 and prior may allow an authorized, but non-privileged local user to execute arbitrary code and allow a threat actor to escalate user privileges on the affected workstation.
local
low complexity
rockwellautomation CWE-428
7.8
2018-06-04 CVE-2017-12092 Information Exposure vulnerability in Rockwellautomation Micrologix 1400 B Firmware
An exploitable file write vulnerability exists in the memory module functionality of Allen Bradley Micrologix 1400 Series B FRN 21.2 and before.
network
low complexity
rockwellautomation CWE-200
7.5
2018-05-14 CVE-2018-8843 Use After Free vulnerability in Rockwellautomation Arena
Rockwell Automation Arena versions 15.10.00 and prior contains a use after free vulnerability caused by processing specially crafted Arena Simulation Software files that may cause the software application to crash, potentially losing any unsaved data..
local
low complexity
rockwellautomation CWE-416
5.5
2018-05-11 CVE-2017-6015 Injection vulnerability in Rockwellautomation Factorytalk Activation 4.00.02
Without quotation marks, any whitespace in the file path for Rockwell Automation FactoryTalk Activation version 4.00.02 remains ambiguous, which may allow an attacker to link to or run a malicious executable.
local
low complexity
rockwellautomation CWE-74
7.8
2018-04-05 CVE-2017-14473 Unspecified vulnerability in Rockwellautomation Micrologix 1400 B Firmware
An exploitable access control vulnerability exists in the data, program, and function file permissions functionality of Allen Bradley Micrologix 1400 Series B FRN 21.2 and before.
network
low complexity
rockwellautomation
critical
9.8
2018-04-05 CVE-2017-14472 Unspecified vulnerability in Rockwellautomation Micrologix 1400 B Firmware
An exploitable access control vulnerability exists in the data, program, and function file permissions functionality of Allen Bradley Micrologix 1400 Series B FRN 21.2 and before.
network
low complexity
rockwellautomation
critical
9.8