Vulnerabilities > Rockwellautomation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-03-26 | CVE-2024-21918 | Use After Free vulnerability in Rockwellautomation Arena A memory buffer vulnerability in Rockwell Automation Arena Simulation software could potentially allow a malicious user to insert unauthorized code to the software by corrupting the memory and triggering an access violation. | 7.8 |
| 2024-03-26 | CVE-2024-21919 | Access of Uninitialized Pointer vulnerability in Rockwellautomation Arena An uninitialized pointer in Rockwell Automation Arena Simulation software could potentially allow a malicious user to insert unauthorized code to the software by leveraging the pointer after it is properly. | 7.8 |
| 2024-03-26 | CVE-2024-21920 | Out-of-bounds Read vulnerability in Rockwellautomation Arena A memory buffer vulnerability in Rockwell Automation Arena Simulation could potentially let a threat actor read beyond the intended memory boundaries. | 7.1 |
| 2024-03-26 | CVE-2024-2929 | Out-of-bounds Write vulnerability in Rockwellautomation Arena A memory corruption vulnerability in Rockwell Automation Arena Simulation software could potentially allow a malicious user to insert unauthorized code to the software by corrupting the memory triggering an access violation. | 7.8 |
| 2024-03-25 | CVE-2024-2425 | Unspecified vulnerability in Rockwellautomation Powerflex 527 AC Drives Firmware A denial-of-service vulnerability exists in the Rockwell Automation PowerFlex® 527 due to improper input validation in the device. | 7.5 |
| 2024-03-25 | CVE-2024-2426 | Unspecified vulnerability in Rockwellautomation Powerflex 527 AC Drives Firmware A denial-of-service vulnerability exists in the Rockwell Automation PowerFlex® 527 due to improper input validation in the device. | 7.5 |
| 2024-03-25 | CVE-2024-2427 | Unspecified vulnerability in Rockwellautomation Powerflex 527 AC Drives Firmware A denial-of-service vulnerability exists in the Rockwell Automation PowerFlex® 527 due to improper traffic throttling in the device. | 7.5 |
| 2024-02-16 | CVE-2024-21915 | Incorrect Permission Assignment for Critical Resource vulnerability in Rockwellautomation Factorytalk Services Platform A privilege escalation vulnerability exists in Rockwell Automation FactoryTalk® Service Platform (FTSP). | 8.8 |
| 2024-01-31 | CVE-2024-21916 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Rockwellautomation products A denial-of-service vulnerability exists in specific Rockwell Automation ControlLogix ang GuardLogix controllers. | 7.5 |
| 2024-01-31 | CVE-2024-21917 | Improper Verification of Cryptographic Signature vulnerability in Rockwellautomation Factorytalk Services Platform A vulnerability exists in Rockwell Automation FactoryTalk® Service Platform that allows a malicious user to obtain the service token and use it for authentication on another FTSP directory. | 9.1 |