Lucene search
K

838 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 8:53 a.m.10 views

CVE-2021-27470

A deserialization vulnerability exists in how the LogService.rem service in Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier verifies serialized data. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary commands in FactoryTalk AssetCentre...

10CVSS7.8AI score0.03681EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:53 a.m.8 views

CVE-2021-27466

A deserialization vulnerability exists in how the ArchiveService.rem service in Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier verifies serialized data. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary commands in FactoryTalk AssetCentre...

10CVSS7.8AI score0.03736EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:53 a.m.6 views

CVE-2021-27462

A deserialization vulnerability exists in how the AosService.rem service in Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier verifies serialized data. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary commands in FactoryTalk AssetCentre...

10CVSS7.8AI score0.03681EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:53 a.m.8 views

CVE-2021-27464

The ArchiveService.rem service in Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier exposes functions lacking proper authentication. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary SQL statements...

10CVSS8AI score0.03346EPSS
Exploits0References1
CNVD
CNVD
added 2025/12/15 12:0 a.m.4 views

Rockwell Automation FactoryTalk DataMosaix Private Cloud SQL Injection Vulnerability

Rockwell Automation FactoryTalk DataMosaix Private Cloud is an industrial data platform product from Rockwell Automation USA. A SQL injection vulnerability exists in Rockwell Automation FactoryTalk DataMosaix Private Cloud, which can be exploited by an attacker to perform sensitive database...

8.7CVSS5.9AI score0.004EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/09 1:56 p.m.27 views

CVE-2025-12807 FactoryTalk® DataMosaix™ Private Cloud SQL Injection

A security issue was discovered in DataMosaix Private Cloud, allowing users with low privilege to perform sensitive database operations through exposed API endpoints...

8.7CVSS0.004EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/12/09 12:0 a.m.4 views

Rockwell Automation FactoryTalk DataMosaix Private Cloud 安全漏洞

Rockwell Automation FactoryTalk DataMosaix Private Cloud is an industrial data platform product from Rockwell Automation USA. A SQL injection vulnerability exists in Rockwell Automation FactoryTalk DataMosaix Private Cloud, which can be exploited by an attacker to perform sensitive database...

8.7CVSS5.8AI score0.004EPSS
Exploits0References1
CNVD
CNVD
added 2025/11/14 12:0 a.m.2 views

Rockwell Automation FactoryTalk DataMosaix Private Cloud Cross-Site Scripting Vulnerability

Rockwell Automation FactoryTalk DataMosaix Private Cloud is an industrial data platform product from Rockwell Automation USA. Rockwell Automation FactoryTalk DataMosaix Private Cloud suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering an...

8.6CVSS6.1AI score0.00309EPSS
Exploits0References1
ICS
ICS
added 2025/11/13 7:0 a.m.8 views

Rockwell Automation FactoryTalk DataMosaix Private Cloud

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to take over accounts, steal credentials, redirect users to a malicious website, or bypass MFA. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of...

6.2AI score
Exploits0References13
ICS
ICS
added 2025/11/13 7:0 a.m.4 views

Rockwell Automation FactoryTalk Policy Manager

RISK EVALUATION Successful exploitation of this vulnerability could lead to resource exhaustion and denial of service. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure for all...

7.5CVSS7.4AI score0.03168EPSS
Exploits0References13
Vulnrichment
Vulnrichment
added 2025/11/11 1:35 p.m.3 views

CVE-2025-11085 FactoryTalk® DataMosaix™ Private Cloud – Persistent XSS

A security issue exists within DataMosaix™ Private Cloud allowing for Persistent XSS. This vulnerability can result in the execution of malicious JavaScript, allowing for account takeover, credential theft, or redirection to a malicious website...

8.6CVSS6.4AI score0.00309EPSS
Exploits0References1
CVE
CVE
added 2025/11/11 1:26 p.m.13 views

CVE-2025-11084

CVE-2025-11084 affects Rockwell Automation’s DataMosaix Private Cloud. The issue allows bypassing MFA during initial setup and obtaining a valid login-token cookie without a user password when MFA is enabled but not completed within 7 days. This can lead to account takeover and credential exposur...

7.6CVSS6.3AI score0.0013EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/11/11 12:0 a.m.3 views

Rockwell Automation FactoryTalk DataMosaix Private Cloud 安全漏洞

Rockwell Automation FactoryTalk DataMosaix Private Cloud is an industrial data platform product from Rockwell Automation USA. Rockwell Automation FactoryTalk DataMosaix Private Cloud suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering an...

8.6CVSS5.8AI score0.00309EPSS
Exploits0References1
NCSC
NCSC
added 2025/10/31 9:35 a.m.18 views

Vulnerabilities fixed in Rockwell Automation FactoryTalk

Rockwell Automation has fixed vulnerabilities in FactoryTalk View Machine Edition. The vulnerabilities include an authentication bypass that allows unauthorized access to the PanelView Plus 7 Series B file system and diagnostic information. In addition, there is a path-traversal vulnerability tha...

9.8CVSS7.5AI score0.00554EPSS
Exploits0References3
CNVD
CNVD
added 2025/10/17 12:0 a.m.6 views

Rockwell Automation FactoryTalk Linx Elevation of Privilege Vulnerability

Rockwell Automation FactoryTalk Linx is a set of industrial communication solutions from Rockwell Rockwell Automation. It is used to communicate between small applications and large automation systems. An elevation of privilege vulnerability exists in Rockwell Automation FactoryTalk Linx due to a...

8.5CVSS5.8AI score0.00172EPSS
Exploits0References1
CNVD
CNVD
added 2025/10/17 12:0 a.m.5 views

Rockwell Automation FactoryTalk Linx Elevation of Privilege Vulnerability (CNVD-2026-10857)

Rockwell Automation FactoryTalk Linx is a set of industrial communication solutions from Rockwell Rockwell Automation. The product is primarily used for small applications to communicate with large automation systems and more. An elevation of privilege vulnerability exists in Rockwell Automation...

8.5CVSS5.7AI score0.00166EPSS
Exploits0References1
CNVD
CNVD
added 2025/10/17 12:0 a.m.4 views

Rockwell Automation FactoryTalk View Machine Edition Path Traversal Vulnerability

Rockwell Automation FactoryTalk View Machine Edition is a versatile HMI application from Rockwell Automation. A path traversal vulnerability exists in Rockwell Automation FactoryTalk View Machine Edition, which can be exploited by an attacker to delete any file in the panel's operating system...

9.1CVSS5.6AI score0.00554EPSS
Exploits0References1
CNVD
CNVD
added 2025/10/17 12:0 a.m.2 views

Rockwell Automation FactoryTalk ViewPoint Denial of Service Vulnerability

Rockwell Automation FactoryTalk ViewPoint is a web-based client application from Rockwell Automation. A denial of service vulnerability exists in Rockwell Automation FactoryTalk ViewPoint, which can be exploited by an attacker to cause a denial of service...

8.7CVSS5.9AI score0.00415EPSS
Exploits0References1
ICS
ICS
added 2025/10/16 6:0 a.m.14 views

Rockwell Automation FactoryTalk ViewPoint

RISK EVALUATION Successful exploitation of this vulnerability could allow unauthenticated attackers to achieve XML external entity injection, resulting in a temporary denial-of-service condition. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of...

8.7CVSS6.8AI score0.00415EPSS
Exploits0References11
ICS
ICS
added 2025/10/16 6:0 a.m.7 views

Rockwell Automation FactoryTalk Linx

RISK EVALUATION Successful exploitation of these vulnerabilities may allow full access to all files, processes, and system resources. 2. RECOMMENDED PRACTICES CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures. CISA also...

8.5CVSS6.5AI score0.00172EPSS
Exploits0References10
Rows per page
Query Builder