6 matches found
Hikvision and Rockwell Automation CVSS 9.8 Flaws Added to CISA KEV Catalog
The U.S. Cybersecurity and Infrastructure Security Agency CISA on Thursday added two security flaws impacting Hikvision and Rockwell Automation products to its Known Exploited Vulnerabilities KEV catalog, citing evidence of active exploitation. The critical-severity vulnerabilities are listed bel...
EUVD-2024-47439
Malicious code in bioql PyPI...
CVE-2024-6325
The v6.40 release of Rockwell Automation FactoryTalk® Policy Manager CVE-2021-22681 https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.PN1550.html and CVE-2022-1161 https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.PN1585.html by...
CVE-2021-22681
creationtimestamp| type| source ---|---|--- 2022-04-04 10:47:50+00:00| seen| https://t.me/truesecator/2801 2022-04-04 15:31:31+00:00| seen| https://t.me/SecLabNews/11893 2022-04-21 17:12:16+00:00| exploited| https://t.me/truesecator/2873 2024-05-22 17:00:07+00:00| seen|...
Rockwell Automation Logix Controllers Insufficiently Protected Credentials (CVE-2021-22681)
Rockwell Automation Studio 5000 Logix Designer Versions 21 and later, and RSLogix 5000 Versions 16 through 20 use a key to verify Logix controllers are communicating with Rockwell Automation CompactLogix 1768, 1769, 5370, 5380, 5480: ControlLogix 5550, 5560, 5570, 5580; DriveLogix 5560, 5730,...
CVE-2021-22681
CVE-2021-22681 affects Rockwell Automation Studio 5000 Logix Designer (versions 21+) and RSLogix 5000 (16–20). The issue is “Insufficiently Protected Credentials” (CWE-522): an unauthenticated attacker could bypass the verification key used to confirm Logix controller communication and authentica...