Vulnerabilities > Rockwellautomation > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-03-26 | CVE-2024-21912 | Out-of-bounds Write vulnerability in Rockwellautomation Arena An arbitrary code execution vulnerability in Rockwell Automation Arena Simulation could let a malicious user insert unauthorized code into the software. | 7.8 |
| 2024-03-26 | CVE-2024-21913 | Out-of-bounds Write vulnerability in Rockwellautomation Arena A heap-based memory buffer overflow vulnerability in Rockwell Automation Arena Simulation software could potentially allow a malicious user to insert unauthorized code into the software by overstepping the memory boundaries, which triggers an access violation. | 7.8 |
| 2024-03-26 | CVE-2024-21918 | Use After Free vulnerability in Rockwellautomation Arena A memory buffer vulnerability in Rockwell Automation Arena Simulation software could potentially allow a malicious user to insert unauthorized code to the software by corrupting the memory and triggering an access violation. | 7.8 |
| 2024-03-26 | CVE-2024-21919 | Access of Uninitialized Pointer vulnerability in Rockwellautomation Arena An uninitialized pointer in Rockwell Automation Arena Simulation software could potentially allow a malicious user to insert unauthorized code to the software by leveraging the pointer after it is properly. | 7.8 |
| 2024-03-26 | CVE-2024-21920 | Out-of-bounds Read vulnerability in Rockwellautomation Arena A memory buffer vulnerability in Rockwell Automation Arena Simulation could potentially let a threat actor read beyond the intended memory boundaries. | 7.1 |
| 2024-03-26 | CVE-2024-2929 | Out-of-bounds Write vulnerability in Rockwellautomation Arena A memory corruption vulnerability in Rockwell Automation Arena Simulation software could potentially allow a malicious user to insert unauthorized code to the software by corrupting the memory triggering an access violation. | 7.8 |
| 2024-03-25 | CVE-2024-2425 | Unspecified vulnerability in Rockwellautomation Powerflex 527 AC Drives Firmware A denial-of-service vulnerability exists in the Rockwell Automation PowerFlex® 527 due to improper input validation in the device. | 7.5 |
| 2024-03-25 | CVE-2024-2426 | Unspecified vulnerability in Rockwellautomation Powerflex 527 AC Drives Firmware A denial-of-service vulnerability exists in the Rockwell Automation PowerFlex® 527 due to improper input validation in the device. | 7.5 |
| 2024-03-25 | CVE-2024-2427 | Unspecified vulnerability in Rockwellautomation Powerflex 527 AC Drives Firmware A denial-of-service vulnerability exists in the Rockwell Automation PowerFlex® 527 due to improper traffic throttling in the device. | 7.5 |
| 2024-02-16 | CVE-2024-21915 | Incorrect Permission Assignment for Critical Resource vulnerability in Rockwellautomation Factorytalk Services Platform A privilege escalation vulnerability exists in Rockwell Automation FactoryTalk® Service Platform (FTSP). | 8.8 |