The vulnerability relates to the implementation of the Control and Provisioning of Wireless Access Points protocol (CAPWAP) in Cisco IOS XE operating systems, Catalyst access points, and Cisco Catalyst 9000 series wireless network controllers. It stems from insufficient resource management during their existence, allowing attackers to trigger service interruptions.

The vulnerability of the CAPWAP protocol implementation for Cisco IOS XE operating systems, Catalyst access points, and Cisco Catalyst 9000 series wireless network controllers is related to insufficient resource management during their existence. Exploiting this vulnerability could allow a...

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2022-2873)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Rockwell Automation GuardLogix and ControlLogix controllers Improper Input Validation (CVE-2022-3157)

A vulnerability exists in the Rockwell Automation controllers that allows a malformed CIP request to cause a major non- recoverable fault MNRF and a denial-of-service condition DOS. - A vulnerability exists in the Rockwell Automation controllers that allows a malformed CIP request to cause a majo...

Rockwell Automation controllers denial of service vulnerability (CNVD-2025-04522)

Rockwell Automation controllers are a series of controllers from Rockwell Automation. A denial of service vulnerability exists in Rockwell Automation controllers, which stems from its controllers mishandling of incorrectly formatted CIP requests, and can be exploited by an attacker to cause a maj...

CVE-2022-3752

An unauthorized user could use a specially crafted sequence of Ethernet/IP messages, combined with heavy traffic loading to cause a denial-of-service condition in Rockwell Automation Logix controllers resulting in a major non-recoverable fault. If the target device becomes unavailable, a user wou...

Design/Logic Flaw

An unauthorized user could use a specially crafted sequence of Ethernet/IP messages, combined with heavy traffic loading to cause a denial-of-service condition in Rockwell Automation Logix controllers resulting in a major non-recoverable fault. If the target device becomes unavailable, a user wou...

CVE-2022-3752

Rockwell Automation Logix controllers (including CompactLogix/GuardLogix and ControlLogix families) are affected by CVE-2022-3752 due to improper input validation that allows an unauthorized user to exploit a sequence of Ethernet/IP messages under heavy traffic to trigger a denial-of-service, cau...

CVE-2022-3752 Rockwell Automation GuardLogix and ControlLogix controllers Vulnerable to Denial-Of-Service Attack

An unauthorized user could use a specially crafted sequence of Ethernet/IP messages, combined with heavy traffic loading to cause a denial-of-service condition in Rockwell Automation Logix controllers resulting in a major non-recoverable fault. If the target device becomes unavailable, a user wou...

PT-2022-24017 · Rockwell Automation · Logix Controllers

Name of the Vulnerable Software and Affected Versions: Rockwell Automation Logix controllers affected versions not specified Description: An unauthorized user could use a specially crafted sequence of Ethernet/IP messages, combined with heavy traffic loading to cause a denial-of-service condition...

CVE-2022-46670

Rockwell Automation was made aware of a vulnerability by a security researcher from Georgia Institute of Technology that the MicroLogix 1100 and 1400 controllers contain a vulnerability that may give an attacker the ability to accomplish remote code execution. The vulnerability is an...

Design/Logic Flaw

A vulnerability exists in the Rockwell Automation controllers that allows a malformed CIP request to cause a major non-recoverable fault MNRF and a denial-of-service condition DOS...

CVE-2022-3157

Rockwell Automation GuardLogix, ControlLogix, and CompactLogix controllers are affected by CVE-2022-3157 through improper input validation of CIP requests, potentially allowing a remote attacker to trigger a major non-recoverable fault (MNRF) and a denial-of-service (DOS) condition. The IOCs/affe...

CVE-2022-3157 Rockwell Automation GuardLogix and ControlLogix controllers Vulnerable to Denial-Of-Service Attack

A vulnerability exists in the Rockwell Automation controllers that allows a malformed CIP request to cause a major non-recoverable fault MNRF and a denial-of-service condition DOS...

Rockwell Automation controllers 输入验证错误漏洞

Rockwell Automation controllers are a series of controllers from Rockwell Automation. A denial of service vulnerability exists in Rockwell Automation controllers, which stems from its controllers mishandling of incorrectly formatted CIP requests, and can be exploited by an attacker to cause a maj...

Siemens Web Server Login Page of Industrial Controllers Cross-Site Request Forgery (CVE-2022-30694)

The login endpoint /FormLogin in affected web services does not apply proper origin checking. This could allow authenticated remote attackers to track the activities of other users via a login cross- site request forgery attack. This plugin only works with Tenable.ot. Please visit...

UBUNTU-CVE-2022-45141

Since the Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability was disclosed by Microsoft on Nov 8 2022 and per RFC8429 it is assumed that rc4-hmac is weak, Vulnerable Samba Active Directory DCs will issue rc4-hmac encrypted tickets despite the target server supporting better encryption...

Cyber Signals: Risks to critical infrastructure on the rise

Today, the third edition of Cyber Signals was released spotlighting security trends and insights gathered from Microsoft’s 43 trillion daily security signals and 8,500 security experts. In this edition, we share new insights on wider risks that converging IT, Internet of Things IoT, and operation...

Cyber Signals: Risks to critical infrastructure on the rise

Today, the third edition of Cyber Signals was released spotlighting security trends and insights gathered from Microsoft’s 43 trillion daily security signals and 8,500 security experts. In this edition, we share new insights on wider risks that converging IT, Internet of Things IoT, and operation...

Siemens Industrial Product Denial of Service Vulnerability (CNVD-2022-87984)

SIMATIC Drive Controllers for the automation of production machines combine the functionality of SIMATIC S7-1500 CPUs with that of SINAMICS S120 drive controls.SIMATIC ET 200SP Open Controller is the PC-based version of the SIMATIC S7-1500 controller. Includes optional visualization features and...

Siemens Industrial Product Denial of Service Vulnerability (CNVD-2022-87982)

SIMATIC Drive Controllers for the automation of production machines combine the functionality of SIMATIC S7-1500 CPUs with that of SINAMICS S120 drive controls.SIMATIC ET 200SP Open Controller is the PC-based version of the SIMATIC S7-1500 controller. Includes optional visualization features and...