PT-2022-2065 · Rockwell Automation · Flexlogix +6

Name of the Vulnerable Software and Affected Versions: Rockwell Automation ControlLogix, CompactLogix, and GuardLogix Control systems affected versions not specified Rockwell Automation FlexLogix, DriveLogix, and SoftLogix affected versions not specified Description: The issue allows an attacker ...

Rockwell Automation Logix Controllers

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: Logix Controllers Vulnerability: Inclusion of Functionality from Untrusted Control Sphere 2. RISK EVALUATION Successful exploitation of this vulnerability may allow an...

Rockwellautomation Controllogix Unspecified Vulnerability

Rockwell Automation EtherNet/IP products; 1756-ENBT, 1756-EWEB, 1768-ENBT, and 1768-EWEB communication modules; CompactLogix L32E and L35E controllers; 1788-ENBT FLEXLogix adapter; 1794-AENTR FLEX I/O EtherNet/IP adapter; ControlLogix 18 and earlier; CompactLogix 18 and earlier; GuardLogix 18 and...

Rockwell Automation FlexLogix System Chassis

Binary data 753536.prm...

Rockwell Automation FlexLogix L33 Processor 1794-L33 PLC

Binary data 753073.prm...

Rockwell Automation/Allen-Bradley Ethernet/IP Products Authentication Bypass

Binary data 720028.prm...

Rockwell Automation FlexLogix L34 Processor 1794-L34 PLC

Binary data 753074.prm...

Rockwell Automation Logix5000 Programmable Automation Controller Buffer Overflow Vulnerability (Update A)

OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSA-16-343-05 Rockwell Automation Logix5000 Programmable Automation Controller Buffer Overflow Vulnerability that was published January 5, 2017, on the NCCIC/ICS-CERT web site. Rockwell Automation has identified a buff...

CVE-2012-6435

When an affected product receives a valid CIP message from an unauthorized or unintended source to Port 2222/TCP, Port 2222/UDP, Port 44818/TCP, or Port 44818/UDP that instructs the CPU to stop logic execution and enter a fault state, a DoS can occur. This situation could cause loss of availabili...

CVE-2012-6442

When an affected product receives a valid CIP message from an unauthorized or unintended source to Port 2222/TCP, Port 2222/UDP, Port 44818/TCP, or Port 44818/UDP that instructs the product to reset, a DoS can occur. This situation could cause loss of availability and a disruption of communicatio...

Design/Logic Flaw

Rockwell Automation EtherNet/IP products; 1756-ENBT, 1756-EWEB, 1768-ENBT, and 1768-EWEB communication modules; CompactLogix L32E and L35E controllers; 1788-ENBT FLEXLogix adapter; 1794-AENTR FLEX I/O EtherNet/IP adapter; ControlLogix 18 and earlier; CompactLogix 18 and earlier; GuardLogix 18 and...

CVE-2012-6441

CVE-2012-6441 is an information-exposure vulnerability affecting Rockwell Automation EtherNet/IP products, including 1756-ENBT/1768-ENBT/1768-EWEB modules, CompactLogix/L18-L19 controllers, GuardLogix, SoftLogix, MicroLogix 1100/1400, and associated NICs and adapters. The issue arises when the de...

CVE-2012-6439 Rockwell Automation ControlLogix PLC Improper Access Control

When an affected product receives a valid CIP message from an unauthorized or unintended source to Port 2222/TCP, Port 2222/UDP, Port 44818/TCP, or Port 44818/UDP that changes the product’s configuration and network parameters, a DoS condition can occur. This situation could cause loss of...

CVE-2012-6441 Rockwell Automation ControlLogix PLC Information Exposure

An information exposure of confidential information results when the device receives a specially crafted CIP packet to Port 2222/TCP, Port 2222/UDP, Port 44818/TCP, or Port 44818/UDP. Successful exploitation of this vulnerability could cause loss of confidentiality. Rockwell Automation EtherNet/I...

PT-2013-1950

Name of the Vulnerable Software and Affected Versions Rockwell Automation EtherNet/IP products versions 18 and earlier Rockwell Automation EtherNet/IP products versions 19 and earlier Rockwell Automation EtherNet/IP products versions 20 and earlier 1756-ENBT, 1756-EWEB, 1768-ENBT, and 1768-EWEB...