Search Results (390 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2024-8626 1 Rockwellautomation 5 1756-en4tr Firmware, Compact Guardlogix 5380 Firmware, Compactlogix 5380 Firmware and 2 more 2024-10-10 N/A
Due to a memory leak, a denial-of-service vulnerability exists in the Rockwell Automation affected products. A malicious actor could exploit this vulnerability by performing multiple actions on certain web pages of the product causing the affected products to become fully unavailable and require a power cycle to recover.
CVE-2024-45823 1 Rockwellautomation 1 Factorytalk Batch View 2024-10-02 8.1 High
CVE-2024-45823 IMPACT An authentication bypass vulnerability exists in the affected product. The vulnerability exists due to shared secrets across accounts and could allow a threat actor to impersonate a user if the threat actor is able to enumerate additional information required during authentication.
CVE-2024-45825 1 Rockwellautomation 2 5015-u8ihft, 5015-u8ihft Firmware 2024-10-02 7.5 High
CVE-2024-45825 IMPACT A denial-of-service vulnerability exists in the affected products. The vulnerability occurs when a malformed CIP packet is sent over the network to the device and results in a major nonrecoverable fault causing a denial-of-service.
CVE-2024-45826 1 Rockwellautomation 1 Thinmanager 2024-10-02 6.8 Medium
CVE-2024-45826 IMPACT Due to improper input validation, a path traversal and remote code execution vulnerability exists when the ThinManager® processes a crafted POST request. If exploited, a user can install an executable file.
CVE-2024-6077 1 Rockwellautomation 18 1756-en4, 1756-en4 Firmware, Compact Guardlogix 5380 Sil2 Firmware and 15 more 2024-09-19 7.5 High
A denial-of-service vulnerability exists in the Rockwell Automation affected products when specially crafted packets are sent to the CIP Security Object. If exploited the device will become unavailable and require a factory reset to recover.
CVE-2024-8533 1 Rockwellautomation 6 2800c Optixpanel Compact, 2800c Optixpanel Compact Firmware, 2800s Optixpanel Standard and 3 more 2024-09-19 8.8 High
A privilege escalation vulnerability exists in the Rockwell Automation affected products. The vulnerability occurs due to improper default file permissions allowing users to exfiltrate credentials and escalate privileges.
CVE-2024-7960 1 Rockwellautomation 1 Pavilion8 2024-09-19 9.1 Critical
The Rockwell Automation affected product contains a vulnerability that allows a threat actor to view sensitive information and change settings. The vulnerability exists due to having an incorrect privilege matrix that allows users to have access to functions they should not.
CVE-2024-7961 1 Rockwellautomation 1 Pavilion8 2024-09-19 9.8 Critical
A path traversal vulnerability exists in the Rockwell Automation affected product. If exploited, the threat actor could upload arbitrary files to the server that could result in a remote code execution.
CVE-2024-7507 1 Rockwellautomation 5 Compact Guardlogix 5380 Firmware, Compactlogix 5480 Firmware, Controllogix 5380 Firmware and 2 more 2024-08-15 N/A
CVE-2024-7507 IMPACT A denial-of-service vulnerability exists in the affected products. This vulnerability occurs when a malformed PCCC message is received, causing a fault in the controller.
CVE-2024-7515 1 Rockwellautomation 5 Compact Guardlogix 5380 Firmware, Compactlogix 5380 Firmware, Compactlogix 5480 Firmware and 2 more 2024-08-15 N/A
CVE-2024-7515 IMPACT A denial-of-service vulnerability exists in the affected products. A malformed PTP management packet can cause a major nonrecoverable fault in the controller.