Filtered by vendor Rockwellautomation
Subscribe
Total
345 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-0497 | 1 Rockwellautomation | 1 Factorytalk Assetcentre | 2025-11-04 | N/A | 9.8 CRITICAL |
| A data exposure vulnerability exists in all versions prior to V15.00.001 of Rockwell Automation FactoryTalk® AssetCentre. The vulnerability exists due to storing credentials in the configuration file of EventLogAttachmentExtractor, ArchiveExtractor, LogCleanUp, or ArchiveLogCleanUp packages. | |||||
| CVE-2025-0498 | 1 Rockwellautomation | 1 Factorytalk Assetcentre | 2025-11-04 | N/A | 9.8 CRITICAL |
| A data exposure vulnerability exists in all versions prior to V15.00.001 of Rockwell Automation FactoryTalk® AssetCentre. The vulnerability exists due to insecure storage of FactoryTalk® Security user tokens, which could allow a threat actor to steal a token and, impersonate another user. | |||||
| CVE-2025-7329 | 1 Rockwellautomation | 2 1783-natr, 1783-natr Firmware | 2025-10-30 | N/A | 4.8 MEDIUM |
| A Stored Cross-Site Scripting security issue exists in the affected product that could potentially allow a malicious user to view and modify sensitive data or make the webpage unavailable. The vulnerability stems from missing special character filtering and encoding. Successful exploitation requires an attacker to be able to update configuration fields behind admin login. | |||||
| CVE-2025-7330 | 1 Rockwellautomation | 2 1783-natr, 1783-natr Firmware | 2025-10-30 | N/A | 6.5 MEDIUM |
| A cross-site request forgery security issue exists in the product and version listed. The vulnerability stems from missing CSRF checks on the impacted form. This allows for unintended configuration modification if an attacker can convince a logged in admin to visit a crafted link. | |||||
| CVE-2025-7972 | 1 Rockwellautomation | 1 Factorytalk Linx | 2025-10-29 | N/A | 9.1 CRITICAL |
| A security issue exists within the FactoryTalk Linx Network Browser. By modifying the process.env.NODE_ENV to ‘development’, the attacker can disable FTSP token validation. This bypass allows access to create, update, and delete FTLinx drivers. | |||||
| CVE-2025-7328 | 1 Rockwellautomation | 2 1783-natr, 1783-natr Firmware | 2025-10-29 | N/A | 9.8 CRITICAL |
| Multiple Broken Authentication security issues exist in the affected product. The security issues are due to missing authentication checks on critical functions. These could result in potential denial-of-service, admin account takeover, or NAT rule modifications. Devices would no longer be able to communicate through NATR as a result of denial-of-service or NAT rule modifications. NAT rule modification could also result in device communication to incorrect endpoints. Admin account takeover could allow modification of configuration and require physical access to restore. | |||||
| CVE-2025-9063 | 1 Rockwellautomation | 1 Factorytalk View | 2025-10-28 | N/A | 9.8 CRITICAL |
| An authentication bypass security issue exists within FactoryTalk View Machine Edition Web Browser ActiveX control. Exploitation of this vulnerability allows unauthorized access to the PanelView Plus 7 Series B, including access to the file system, retrieval of diagnostic information, event logs, and more. | |||||
| CVE-2025-9064 | 1 Rockwellautomation | 1 Factorytalk View | 2025-10-28 | N/A | 9.1 CRITICAL |
| A path traversal security issue exists within FactoryTalk View Machine Edition, allowing unauthenticated attackers on the same network as the device to delete any file within the panels operating system. Exploitation of this vulnerability is dependent on the knowledge of filenames to be deleted. | |||||
| CVE-2023-20198 | 2 Cisco, Rockwellautomation | 5 Ios Xe, Allen-bradley Stratix 5200, Allen-bradley Stratix 5200 Firmware and 2 more | 2025-10-28 | N/A | 10.0 CRITICAL |
| Cisco is providing an update for the ongoing investigation into observed exploitation of the web UI feature in Cisco IOS XE Software. We are updating the list of fixed releases and adding the Software Checker. Our investigation has determined that the actors exploited two previously unknown issues. The attacker first exploited CVE-2023-20198 to gain initial access and issued a privilege 15 command to create a local user and password combination. This allowed the user to log in with normal user access. The attacker then exploited another component of the web UI feature, leveraging the new local user to elevate privilege to root and write the implant to the file system. Cisco has assigned CVE-2023-20273 to this issue. CVE-2023-20198 has been assigned a CVSS Score of 10.0. CVE-2023-20273 has been assigned a CVSS Score of 7.2. Both of these CVEs are being tracked by CSCwh87343. | |||||
| CVE-2025-9068 | 1 Rockwellautomation | 1 Factorytalk Linx | 2025-10-24 | N/A | 7.8 HIGH |
| A security issue exists within the Rockwell Automation Driver Package x64 Microsoft Installer File (MSI) repair functionality, installed with FTLinx. Authenticated attackers with valid Windows Users credentials can initiate a repair and hijack the resulting console window for vbpinstall.exe. This allows the launching of a command prompt running with SYSTEM-level privileges, allowing full access to all files, processes, and system resources. | |||||
| CVE-2024-6436 | 1 Rockwellautomation | 1 Sequencemanager | 2025-10-22 | N/A | 6.5 MEDIUM |
| An input validation vulnerability exists in the Rockwell Automation Sequence Manager™ which could allow a malicious user to send malformed packets to the server and cause a denial-of-service condition. If exploited, the device would become unresponsive, and a manual restart will be required for recovery. Additionally, if exploited, there could be a loss of view for the downstream equipment sequences in the controller. Users would not be able to view the status or command the equipment sequences, however the equipment sequence would continue to execute uninterrupted. | |||||
| CVE-2024-7987 | 1 Rockwellautomation | 1 Thinmanager Thinserver | 2025-10-21 | N/A | 7.8 HIGH |
| A remote code execution vulnerability exists in the Rockwell Automation ThinManager® ThinServer™ that allows a threat actor to execute arbitrary code with System privileges. To exploit this vulnerability and a threat actor must abuse the ThinServer™ service by creating a junction and use it to upload arbitrary files. | |||||
| CVE-2024-7988 | 1 Rockwellautomation | 1 Thinmanager Thinserver | 2025-10-21 | N/A | 9.8 CRITICAL |
| A remote code execution vulnerability exists in the Rockwell Automation ThinManager® ThinServer™ that allows a threat actor to execute arbitrary code with System privileges. This vulnerability exists due to the lack of proper data input validation, which allows files to be overwritten. | |||||
| CVE-2025-9067 | 1 Rockwellautomation | 1 Factorytalk Linx | 2025-10-20 | N/A | 7.8 HIGH |
| A security issue exists within the x86 Microsoft Installer File (MSI), installed with FTLinx. Authenticated attackers with valid Windows user credentials can initiate a repair and hijack the resulting console window. This allows the launching of a command prompt running with SYSTEM-level privileges, allowing full access to all files, processes, and system resources. | |||||
| CVE-2025-9065 | 1 Rockwellautomation | 1 Thinmanager | 2025-10-20 | N/A | 8.8 HIGH |
| A server-side request forgery security issue exists within Rockwell Automation ThinManager® software due to the lack of input sanitization. Authenticated attackers can exploit this vulnerability by specifying external SMB paths, exposing the ThinServer® service account NTLM hash. | |||||
| CVE-2025-9161 | 1 Rockwellautomation | 1 Factorytalk Optix | 2025-10-20 | N/A | 8.8 HIGH |
| A security issue exists within FactoryTalk Optix MQTT broker due to the lack of URI sanitization. This flaw enables the loading of remote Mosquito plugins, which can be used to achieve remote code execution. | |||||
| CVE-2025-9166 | 1 Rockwellautomation | 2 Controllogix 5580, Controllogix 5580 Firmware | 2025-10-20 | N/A | 7.5 HIGH |
| A denial-of-service security issue exists in the affected product and version. The security issue stems from the controller repeatedly attempting to forward messages. The issue could result in a major nonrecoverable fault on the controller. | |||||
| CVE-2024-7847 | 1 Rockwellautomation | 4 Rslogix 5, Rslogix 500, Rslogix Micro Developer and 1 more | 2025-09-29 | N/A | 7.7 HIGH |
| VULNERABILITY DETAILS Rockwell Automation used the latest versions of the CVSS scoring system to assess the following vulnerabilities. The following vulnerabilities were reported to us by Sharon Brizinov of Claroty Research - Team82. A feature in the affected products enables users to prepare a project file with an embedded VBA script and can be configured to run once the project file has been opened without user intervention. This feature can be abused to trick a legitimate user into executing malicious code upon opening an infected RSP/RSS project file. If exploited, a threat actor may be able to perform a remote code execution. Connected devices may also be impacted by exploitation of this vulnerability. | |||||
| CVE-2024-9124 | 1 Rockwellautomation | 2 Powerflex 6000t, Powerflex 6000t Firmware | 2025-09-22 | N/A | 7.5 HIGH |
| A denial-of-service vulnerability exists in the Rockwell Automation PowerFlex® 600T. If the device is overloaded with requests, it will become unavailable. The device may require a power cycle to recover it if it does not re-establish a connection after it stops receiving requests. | |||||
| CVE-2014-0755 | 1 Rockwellautomation | 2 Logix 5000 Controller, Rslogix 5000 Design And Configuration Software | 2025-09-19 | 6.3 MEDIUM | N/A |
| Rockwell Automation RSLogix 5000 7 through 20.01, and 21.0, does not properly implement password protection for .ACD files (aka project files), which allows local users to obtain sensitive information or modify data via unspecified vectors. | |||||