Rockwell Automation/Allen-Bradley CompactLogix 1769 5370 Series Detection

Binary data 7192.pasl...

Rockwell Automation/Allen-Bradley CompactLogix 1768 Detection

Binary data 7190.pasl...

AB CompactLogix 5000 Series Controller CIP Protocol Denial of Service Vulnerability

The AB CompactLogix 5000 series are controllers for Logix solutions for low-end to mid-size applications. A vulnerability in the CIP communication protocol of the AB CompactLogix 5000 Series controllers, if successfully exploited, could cause the target device to fail to respond properly to...

Rockwell Automation Allen-Bradley CompactLogix Cross-Site Scripting Vulnerability

Rockwell Automation Allen-Bradley CompactLogix is a Web-based SCADA system from Rockwell Automation. 1769-L16ER-BB1B and others are the controllers used in it. A cross-site scripting vulnerability exists in the Rockwell Automation Allen-Bradley CompactLogix web server. A remote attacker could...

CVE-2016-2279

Cross-site scripting XSS vulnerability in the web server in Rockwell Automation Allen-Bradley CompactLogix 1769-L before 28.011+ allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2016-2279

Cross-site scripting XSS vulnerability in the web server in Rockwell Automation Allen-Bradley CompactLogix 1769-L before 28.011+ allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2016-2279

Cross-site scripting XSS vulnerability in the web server in Rockwell Automation Allen-Bradley CompactLogix 1769-L before 28.011+ allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2016-2279

Cross-site scripting XSS vulnerability in the web server in Rockwell Automation Allen-Bradley CompactLogix 1769-L before 28.011+ allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2016-2279

Rockwell Automation Allen-Bradley CompactLogix CVE-2016-2279 is a cross-site scripting vulnerability in the web server of the CompactLogix platform. Affected products include 1769-L16ER-BB1B, 1769-L18ER-BB1B, 1769-L18ERM-BB1B, 1769-L24ER-QB1B, 1769-L24ER-QBFC1B, 1769-L27ERM-QBFC1B, 1769-L30ER, 17...

PT-2016-5083 · Rockwell Automation · Compactlogix 1769-L

Name of the Vulnerable Software and Affected Versions: Rockwell Automation Allen-Bradley CompactLogix 1769-L versions prior to 28.011 Description: A cross-site scripting XSS issue exists, allowing remote attackers to inject arbitrary web script or HTML. Recommendations: For versions prior to...

Rockwell Automation ControlLogix 远程拒绝服务漏洞

漏洞起因 边界条件错误影响系统Rockwell Automation Micrologix 1400 Rockwell Automation Micrologix 1100远程攻击者可以利用漏洞使设备崩溃。攻击所需条件 攻击者必须访问Rockwell Automation MicroLogix产品。漏洞信息Rockwell Automation MicroLogix是一款可编程控制器平台。 设备没有校验要拷贝到缓冲区的数据，允许远程攻击者可以向2222/TCP, 2222/UDP,...

CVE-2012-6435

When an affected product receives a valid CIP message from an unauthorized or unintended source to Port 2222/TCP, Port 2222/UDP, Port 44818/TCP, or Port 44818/UDP that instructs the CPU to stop logic execution and enter a fault state, a DoS can occur. This situation could cause loss of availabili...

CVE-2012-6442

When an affected product receives a valid CIP message from an unauthorized or unintended source to Port 2222/TCP, Port 2222/UDP, Port 44818/TCP, or Port 44818/UDP that instructs the product to reset, a DoS can occur. This situation could cause loss of availability and a disruption of communicatio...

Design/Logic Flaw

Rockwell Automation EtherNet/IP products; 1756-ENBT, 1756-EWEB, 1768-ENBT, and 1768-EWEB communication modules; CompactLogix L32E and L35E controllers; 1788-ENBT FLEXLogix adapter; 1794-AENTR FLEX I/O EtherNet/IP adapter; ControlLogix 18 and earlier; CompactLogix 18 and earlier; GuardLogix 18 and...

Design/Logic Flaw

Rockwell Automation EtherNet/IP products; 1756-ENBT, 1756-EWEB, 1768-ENBT, and 1768-EWEB communication modules; CompactLogix L32E and L35E controllers; 1788-ENBT FLEXLogix adapter; 1794-AENTR FLEX I/O EtherNet/IP adapter; ControlLogix 18 and earlier; CompactLogix 18 and earlier; GuardLogix 18 and...

CVE-2012-6441 Rockwell Automation ControlLogix PLC Information Exposure

An information exposure of confidential information results when the device receives a specially crafted CIP packet to Port 2222/TCP, Port 2222/UDP, Port 44818/TCP, or Port 44818/UDP. Successful exploitation of this vulnerability could cause loss of confidentiality. Rockwell Automation EtherNet/I...

CVE-2012-6435

CVE-2012-6435 affects Rockwell Automation EtherNet/IP products (e.g., 1756-ENBT/ENBT, 1768-ENBT/EWEB, CompactLogix L32E/L35E, 1788-ENBT, 1794-AENTR, MicroLogix 1100/1400, and various ControlLogix/GuardLogix/SoftLogix platforms). The issue allows a CIP message from an unauthorized source to ports ...

CVE-2012-6441

CVE-2012-6441 is an information-exposure vulnerability affecting Rockwell Automation EtherNet/IP products, including 1756-ENBT/1768-ENBT/1768-EWEB modules, CompactLogix/L18-L19 controllers, GuardLogix, SoftLogix, MicroLogix 1100/1400, and associated NICs and adapters. The issue arises when the de...

CVE-2012-6439 Rockwell Automation ControlLogix PLC Improper Access Control

When an affected product receives a valid CIP message from an unauthorized or unintended source to Port 2222/TCP, Port 2222/UDP, Port 44818/TCP, or Port 44818/UDP that changes the product’s configuration and network parameters, a DoS condition can occur. This situation could cause loss of...

PT-2013-1948 · Rockwell Automation · Compactlogix L32E +14

Name of the Vulnerable Software and Affected Versions: Rockwell Automation EtherNet/IP products versions prior to the fixed version 1756-ENBT, 1756-EWEB, 1768-ENBT, and 1768-EWEB communication modules versions prior to the fixed version CompactLogix L32E and L35E controllers versions prior to the...