Vulnerabilities > Rockwellautomation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-11 | CVE-2023-29026 | Cross-site Scripting vulnerability in Rockwellautomation products A cross site scripting vulnerability was discovered in Rockwell Automation's ArmorStart ST product that could potentially allow a malicious user with admin privileges and network access to view user data and modify the web interface. | 5.9 |
| 2023-05-11 | CVE-2023-29027 | Cross-site Scripting vulnerability in Rockwellautomation products A cross site scripting vulnerability was discovered in Rockwell Automation's ArmorStart ST product that could potentially allow a malicious user with admin privileges and network access to view user data and modify the web interface. | 5.9 |
| 2023-05-11 | CVE-2023-29028 | Cross-site Scripting vulnerability in Rockwellautomation products A cross site scripting vulnerability was discovered in Rockwell Automation's ArmorStart ST product that could potentially allow a malicious user with admin privileges and network access to view user data and modify the web interface. | 5.9 |
| 2023-05-11 | CVE-2023-29029 | Cross-site Scripting vulnerability in Rockwellautomation products A cross site scripting vulnerability was discovered in Rockwell Automation's ArmorStart ST product that could potentially allow a malicious user with admin privileges and network access to view user data and modify the web interface. | 5.9 |
| 2023-05-11 | CVE-2023-29030 | Cross-site Scripting vulnerability in Rockwellautomation products A cross site scripting vulnerability was discovered in Rockwell Automation's ArmorStart ST product that could potentially allow a malicious user to view and modify sensitive data or make the web page unavailable. | 7.1 |
| 2023-05-11 | CVE-2023-29031 | Cross-site Scripting vulnerability in Rockwellautomation products A cross site scripting vulnerability was discovered in Rockwell Automation's ArmorStart ST product that could potentially allow a malicious user to view and modify sensitive data or make the web page unavailable. | 7.1 |
| 2023-05-09 | CVE-2023-29460 | Out-of-bounds Read vulnerability in Rockwellautomation Arena Simulation 16.00.00/16.20.00 An arbitrary code execution vulnerability contained in Rockwell Automation's Arena Simulation software was reported that could potentially allow a malicious user to commit unauthorized arbitrary code to the software by using a memory buffer overflow potentially resulting in a complete loss of confidentiality, integrity, and availability. | 9.8 |
| 2023-05-09 | CVE-2023-29461 | Out-of-bounds Read vulnerability in Rockwellautomation Arena Simulation 16.00.00/16.20.00 An arbitrary code execution vulnerability contained in Rockwell Automation's Arena Simulation software was reported that could potentially allow a malicious user to commit unauthorized arbitrary code to the software by using a memory buffer overflow in the heap. | 9.8 |
| 2023-05-09 | CVE-2023-29462 | Out-of-bounds Write vulnerability in Rockwellautomation Arena Simulation 16.00.00/16.20.01 An arbitrary code execution vulnerability contained in Rockwell Automation's Arena Simulation software was reported that could potentially allow a malicious user to commit unauthorized arbitrary code to the software by using a memory buffer overflow in the heap. | 8.8 |
| 2023-03-29 | CVE-2022-2825 | Stack-based Buffer Overflow vulnerability in multiple products This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kepware KEPServerEX 6.11.718.0. | 9.8 |