Vulnerabilities > Rockwellautomation > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-05-19 | CVE-2017-5176 | Uncontrolled Search Path Element vulnerability in Rockwellautomation Connected Components Workbench 9.01.00 A DLL Hijack issue was discovered in Rockwell Automation Connected Components Workbench (CCW). | 7.0 |
| 2017-02-13 | CVE-2016-9334 | Unspecified vulnerability in Rockwellautomation products An issue was discovered in Rockwell Automation Allen-Bradley MicroLogix 1100 controller 1763-L16AWA, Series A and B, Version 14.000 and prior versions; 1763-L16BBB, Series A and B, Version 14.000 and prior versions; 1763-L16BWA, Series A and B, Version 14.000 and prior versions; and 1763-L16DWD, Series A and B, Version 14.000 and prior versions. | 7.3 |
| 2016-09-19 | CVE-2016-5814 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Rockwellautomation products Buffer overflow in Rockwell Automation RSLogix Micro Starter Lite, RSLogix Micro Developer, RSLogix 500 Starter Edition, RSLogix 500 Standard Edition, and RSLogix 500 Professional Edition allows remote attackers to execute arbitrary code via a crafted RSS project file. | 8.6 |
| 2016-08-24 | CVE-2016-5645 | Improper Access Control vulnerability in Rockwellautomation products Rockwell Automation MicroLogix 1400 PLC 1766-L32BWA, 1766-L32AWA, 1766-L32BXB, 1766-L32BWAA, 1766-L32AWAA, and 1766-L32BXBA devices have a hardcoded SNMP community, which makes it easier for remote attackers to load arbitrary firmware updates by leveraging knowledge of this community. | 7.3 |
| 2016-07-28 | CVE-2016-4531 | Improper Authorization vulnerability in Rockwellautomation Factorytalk Energrymetrix 2.10.00 Rockwell Automation FactoryTalk EnergyMetrix before 2.20.00 does not invalidate credentials upon a logout action, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation. | 7.3 |