Vulnerabilities > Rockwellautomation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-09 | CVE-2023-29461 | Out-of-bounds Read vulnerability in Rockwellautomation Arena 16.00.00/16.20.00 An arbitrary code execution vulnerability contained in Rockwell Automation's Arena Simulation software was reported that could potentially allow a malicious user to commit unauthorized arbitrary code to the software by using a memory buffer overflow in the heap. | 9.8 |
| 2023-05-09 | CVE-2023-29462 | Out-of-bounds Write vulnerability in Rockwellautomation Arena 16.00.00/16.20.01 An arbitrary code execution vulnerability contained in Rockwell Automation's Arena Simulation software was reported that could potentially allow a malicious user to commit unauthorized arbitrary code to the software by using a memory buffer overflow in the heap. | 8.8 |
| 2023-03-29 | CVE-2022-2825 | Stack-based Buffer Overflow vulnerability in multiple products This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kepware KEPServerEX 6.11.718.0. | 9.8 |
| 2023-03-29 | CVE-2022-2848 | Heap-based Buffer Overflow vulnerability in multiple products This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kepware KEPServerEX 6.11.718.0. | 9.1 |
| 2023-03-22 | CVE-2023-27857 | Out-of-bounds Read vulnerability in Rockwellautomation Thinmanager In affected versions, a heap-based buffer over-read condition occurs when the message field indicates more data than is present in the message field in Rockwell Automation's ThinManager ThinServer. An unauthenticated remote attacker can exploit this vulnerability to crash ThinServer.exe due to a read access violation. | 7.5 |
| 2023-03-22 | CVE-2023-27855 | Path Traversal vulnerability in Rockwellautomation Thinmanager In affected versions, a path traversal exists when processing a message in Rockwell Automation's ThinManager ThinServer. | 9.8 |
| 2023-03-22 | CVE-2023-27856 | Path Traversal vulnerability in Rockwellautomation Thinmanager In affected versions, path traversal exists when processing a message of type 8 in Rockwell Automation's ThinManager ThinServer. | 7.5 |
| 2023-03-17 | CVE-2023-0027 | Information Exposure vulnerability in Rockwellautomation Modbus TCP Server ADD on Instructions 2.00.00/2.00.03 Rockwell Automation Modbus TCP Server AOI prior to 2.04.00 is vulnerable to an unauthorized user sending a malformed message that could cause the controller to respond with a copy of the most recent response to the last valid request. | 4.3 |
| 2023-02-23 | CVE-2023-0754 | The affected products are vulnerable to an integer overflow or wraparound, which could allow an attacker to crash the server and remotely execute arbitrary code. | 9.8 |
| 2023-02-23 | CVE-2023-0755 | The affected products are vulnerable to an improper validation of array index, which could allow an attacker to crash the server and remotely execute arbitrary code. | 9.8 |