CVE-2019-10952

An attacker could send a crafted HTTP/HTTPS request to render the web server unavailable and/or lead to remote code execution caused by a stack-based buffer overflow vulnerability. A cold restart is required for recovering CompactLogix 5370 L1, L2, and L3 Controllers, Compact GuardLogix 5370...

CVE-2019-10954 Rockwell Automation CompactLogix 5370 Stack-based Buffer Overflow

An attacker could send crafted SMTP packets to cause a denial-of-service condition where the controller enters a major non-recoverable faulted state MNRF in CompactLogix 5370 L1, L2, and L3 Controllers, Compact GuardLogix 5370 controllers, and Armor Compact GuardLogix 5370 Controllers Versions 20...

Input Validation Vulnerability in Multiple Rockwell Automation Products

Rockwell Automation Allen-Bradley Compact GuardLogix 5370 controller and so on are programmable logic controller products of Rockwell Rockwell Automation. An input validation vulnerability exists in several Rockwell Automation products. An attacker could exploit this vulnerability to cause a deni...

Rockwell Automation Allen-Bradley CompactLogix and Compact GuardLogix (Update A)

1. EXECUTIVE SUMMARY CVSS v3 8.6 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Rockwell Automation Equipment: Allen-Bradley CompactLogix and Compact GuardLogix Vulnerability: Improper Input Validation 2 UPDATE INFORMATION This updated advisory is a follow-up to the original...