Vulnerabilities > Rockwellautomation > Safety Instrumented Systems Workstation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-05-17 | CVE-2022-1118 | Deserialization of Untrusted Data vulnerability in Rockwellautomation products Connected Components Workbench (v13.00.00 and prior), ISaGRAF Workbench (v6.0 though v6.6.9), and Safety Instrumented System Workstation (v1.2 and prior (for Trusted Controllers)) do not limit the objects that can be deserialized. | 6.8 |
| 2022-04-01 | CVE-2022-1018 | XXE vulnerability in Rockwellautomation products When opening a malicious solution file provided by an attacker, the application suffers from an XML external entity vulnerability due to an unsafe call within a dynamic link library file. | 4.3 |