Vulnerabilities > Rockwellautomation > High

DATE CVE VULNERABILITY TITLE RISK
2024-10-14 CVE-2024-6207 Unspecified vulnerability in Rockwellautomation products
CVE-2021-22681 https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.PN1550.html and send a specially crafted CIP message to the device.
network
low complexity
rockwellautomation
7.5
2024-09-12 CVE-2024-6077 Unspecified vulnerability in Rockwellautomation products
A denial-of-service vulnerability exists in the Rockwell Automation affected products when specially crafted packets are sent to the CIP Security Object.
network
low complexity
rockwellautomation
7.5
2024-09-12 CVE-2024-8533 Incorrect Default Permissions vulnerability in Rockwellautomation products
A privilege escalation vulnerability exists in the Rockwell Automation affected products.
network
low complexity
rockwellautomation CWE-276
8.8
2024-09-12 CVE-2024-45825 Unspecified vulnerability in Rockwellautomation 5015-U8Ihft Firmware 1.011/1.012
A denial-of-service vulnerability exists in the affected products.
network
low complexity
rockwellautomation
7.5
2024-09-12 CVE-2024-45826 Externally Controlled Reference to a Resource in Another Sphere vulnerability in Rockwellautomation Thinmanager 13.1.0/13.2.0
Due to improper input validation, a path traversal and remote code execution vulnerability exists when ThinManager® processes a crafted POST request.
network
low complexity
rockwellautomation CWE-610
8.8
2024-07-16 CVE-2024-6089 Unspecified vulnerability in Rockwellautomation 5015-Aenftxt Firmware 2.011
An input validation vulnerability exists in the Rockwell Automation 5015-AENFTXT when a manipulated PTP packet is sent, causing a major nonrecoverable fault on the secondary adapter.
network
low complexity
rockwellautomation
7.5
2024-06-25 CVE-2024-5990 Unspecified vulnerability in Rockwellautomation Thinmanager and Thinserver
Due to improper input validation, an unauthenticated threat actor can send a malicious message to a monitor thread within Rockwell Automation ThinServer™ and cause a denial-of-service condition on the affected device.
network
low complexity
rockwellautomation
7.5
2024-06-14 CVE-2024-37367 Improper Authentication vulnerability in Rockwellautomation Factorytalk View
A user authentication vulnerability exists in the Rockwell Automation FactoryTalk® View SE v12.
network
low complexity
rockwellautomation CWE-287
7.5
2024-01-31 CVE-2024-21916 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Rockwellautomation products
A denial-of-service vulnerability exists in specific Rockwell Automation ControlLogix and GuardLogix controllers.
network
low complexity
rockwellautomation CWE-119
7.5
2023-11-30 CVE-2023-5909 Improper Certificate Validation vulnerability in multiple products
KEPServerEX does not properly validate certificates from clients which may allow unauthenticated users to connect.
7.5