Vulnerabilities > Rockwellautomation
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-03-26 | CVE-2024-21913 | Out-of-bounds Write vulnerability in Rockwellautomation Arena A heap-based memory buffer overflow vulnerability in Rockwell Automation Arena Simulation software could potentially allow a malicious user to insert unauthorized code into the software by overstepping the memory boundaries, which triggers an access violation. | 7.8 |
2024-03-26 | CVE-2024-21918 | Use After Free vulnerability in Rockwellautomation Arena A memory buffer vulnerability in Rockwell Automation Arena Simulation software could potentially allow a malicious user to insert unauthorized code to the software by corrupting the memory and triggering an access violation. | 7.8 |
2024-03-26 | CVE-2024-21919 | Access of Uninitialized Pointer vulnerability in Rockwellautomation Arena An uninitialized pointer in Rockwell Automation Arena Simulation software could potentially allow a malicious user to insert unauthorized code to the software by leveraging the pointer after it is properly. | 7.8 |
2024-03-26 | CVE-2024-21920 | Out-of-bounds Read vulnerability in Rockwellautomation Arena A memory buffer vulnerability in Rockwell Automation Arena Simulation could potentially let a threat actor read beyond the intended memory boundaries. | 7.1 |
2024-03-26 | CVE-2024-2929 | Out-of-bounds Write vulnerability in Rockwellautomation Arena A memory corruption vulnerability in Rockwell Automation Arena Simulation software could potentially allow a malicious user to insert unauthorized code to the software by corrupting the memory triggering an access violation. | 7.8 |
2024-02-16 | CVE-2024-21915 | Incorrect Permission Assignment for Critical Resource vulnerability in Rockwellautomation Factorytalk Services Platform A privilege escalation vulnerability exists in Rockwell Automation FactoryTalk® Service Platform (FTSP). | 8.8 |
2024-01-31 | CVE-2024-21916 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Rockwellautomation products A denial-of-service vulnerability exists in specific Rockwell Automation ControlLogix ang GuardLogix controllers. | 7.5 |
2024-01-31 | CVE-2024-21917 | Improper Verification of Cryptographic Signature vulnerability in Rockwellautomation Factorytalk Services Platform A vulnerability exists in Rockwell Automation FactoryTalk® Service Platform that allows a malicious user to obtain the service token and use it for authentication on another FTSP directory. | 9.1 |
2023-11-30 | CVE-2023-5908 | Classic Buffer Overflow vulnerability in multiple products KEPServerEX is vulnerable to a buffer overflow which may allow an attacker to crash the product being accessed or leak information. | 9.1 |
2023-11-30 | CVE-2023-5909 | Improper Certificate Validation vulnerability in multiple products KEPServerEX does not properly validate certificates from clients which may allow unauthenticated users to connect. | 7.5 |