Vulnerabilities > Rockwellautomation > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-06-25 | CVE-2017-9312 | Improper Input Validation vulnerability in Rockwellautomation Allen-Bradley L30Erms Firmware 30 Improperly implemented option-field processing in the TCP/IP stack on Allen-Bradley L30ERMS safety devices v30 and earlier causes a denial of service. | 7.5 |
2018-06-07 | CVE-2018-10619 | Unquoted Search Path or Element vulnerability in Rockwellautomation Factorytalk Linx Gateway and Rslinx Classic An unquoted search path or element in RSLinx Classic Versions 3.90.01 and prior and FactoryTalk Linx Gateway Versions 3.90.00 and prior may allow an authorized, but non-privileged local user to execute arbitrary code and allow a threat actor to escalate user privileges on the affected workstation. | 7.8 |
2018-06-04 | CVE-2017-12092 | Information Exposure vulnerability in Rockwellautomation Micrologix 1400 B Firmware An exploitable file write vulnerability exists in the memory module functionality of Allen Bradley Micrologix 1400 Series B FRN 21.2 and before. | 7.5 |
2018-05-11 | CVE-2017-6015 | Injection vulnerability in Rockwellautomation Factorytalk Activation 4.00.02 Without quotation marks, any whitespace in the file path for Rockwell Automation FactoryTalk Activation version 4.00.02 remains ambiguous, which may allow an attacker to link to or run a malicious executable. | 7.8 |
2018-04-05 | CVE-2017-12090 | Resource Exhaustion vulnerability in Rockwellautomation Micrologix 1400 B Firmware An exploitable denial of service vulnerability exists in the processing of snmp-set commands of the Allen Bradley Micrologix 1400 Series B FRN 21.2 and below. | 7.5 |
2018-04-05 | CVE-2017-12089 | Unspecified vulnerability in Rockwellautomation Micrologix 1400 B Firmware An exploitable denial of service vulnerability exists in the program download functionality of Allen Bradley Micrologix 1400 Series B FRN 21.2 and before. | 7.5 |
2018-04-05 | CVE-2017-12088 | Improper Input Validation vulnerability in Rockwellautomation Micrologix 1400 B Firmware An exploitable denial of service vulnerability exists in the Ethernet functionality of the Allen Bradley Micrologix 1400 Series B FRN 21.2 and below. | 7.5 |
2017-12-23 | CVE-2017-14022 | Improper Input Validation vulnerability in Rockwellautomation Factorytalk Alarms and Events 2.90 An Improper Input Validation issue was discovered in Rockwell Automation FactoryTalk Alarms and Events, Version 2.90 and earlier. | 7.5 |
2017-09-20 | CVE-2017-7924 | Improper Input Validation vulnerability in Rockwellautomation products An Improper Input Validation issue was discovered in Rockwell Automation MicroLogix 1100 controllers 1763-L16BWA, 1763-L16AWA, 1763-L16BBB, and 1763-L16DWD. | 7.5 |
2017-06-30 | CVE-2017-7901 | Use of Insufficiently Random Values vulnerability in Rockwellautomation products A Predictable Value Range from Previous Values issue was discovered in Rockwell Automation Allen-Bradley MicroLogix 1100 programmable-logic controllers 1763-L16AWA, Series A and B, Version 16.00 and prior versions; 1763-L16BBB, Series A and B, Version 16.00 and prior versions; 1763-L16BWA, Series A and B, Version 16.00 and prior versions; and 1763-L16DWD, Series A and B, Version 16.00 and prior versions and Allen-Bradley MicroLogix 1400 programmable logic controllers 1766-L32AWA, Series A and B, Version 16.00 and prior versions; 1766-L32BWA, Series A and B, Version 16.00 and prior versions; 1766-L32BWAA, Series A and B, Version 16.00 and prior versions; 1766-L32BXB, Series A and B, Version 16.00 and prior versions; 1766-L32BXBA, Series A and B, Version 16.00 and prior versions; and 1766-L32AWAA, Series A and B, Version 16.00 and prior versions. | 8.6 |