105 matches found
Rockwell Automation ControlLogix and GuardLogix Improper Input Validation (CVE-2024-3493)
A specific malformed fragmented packet type fragmented packets may be generated automatically by devices that send large amounts of data can cause a major nonrecoverable fault MNRF. If exploited, the affected product will become unavailable and require a manual restart to recover it. Additionally...
Rockwell Automation ControlLogix and GuardLogix Denial of Service Vulnerability
Rockwell Automation ControlLogix and GuardLogix are both Rockwell Automation controllers. A denial of service vulnerability exists in Rockwell Automation ControlLogix and GuardLogix, which can be exploited by an attacker to cause a denial of service condition by sending a specially crafted reques...
CVE-2024-21916
A denial-of-service vulnerability exists in specific Rockwell Automation ControlLogix ang GuardLogix controllers. If exploited, the product could potentially experience a major nonrecoverable fault MNRF. The device will restart itself to recover from the MNRF...
Denial of service
A denial-of-service vulnerability exists in specific Rockwell Automation ControlLogix ang GuardLogix controllers. If exploited, the product could potentially experience a major nonrecoverable fault MNRF. The device will restart itself to recover from the MNRF...
CVE-2024-21916 Rockwell Automation Denial-of-service Vulnerability in ICE1 Controller
A denial-of-service vulnerability exists in specific Rockwell Automation ControlLogix ang GuardLogix controllers. If exploited, the product could potentially experience a major nonrecoverable fault MNRF. The device will restart itself to recover from the MNRF...
CVE-2024-21916 Rockwell Automation Denial-of-service Vulnerability in ICE1 Controller
A denial-of-service vulnerability exists in specific Rockwell Automation ControlLogix ang GuardLogix controllers. If exploited, the product could potentially experience a major nonrecoverable fault MNRF. The device will restart itself to recover from the MNRF...
CVE-2024-21916
Summary (CVE-2024-21916): DoS vulnerability in Rockwell Automation ControlLogix and GuardLogix controllers that can cause a major nonrecoverable fault (MNRF) and device restart. Affected products include ControlLogix 5570 (firmware 20.x; corrected in v33.016, 34.013, 35.012, 36.011 and later) and...
Rockwell Automation ControlLogix and GuardLogix
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 8.6 ATTENTION : Exploitable remotely/low attack complexity Vendor : Rockwell Automation Equipment : ControlLogix, GuardLogix Vulnerability : Improper Restriction of Operations within the Bounds of a Memory Buffer 2. RISK EVALUATION Successful exploitation of...
The vulnerability of microprogrammed software in Rockwell Automation’s CompactLogix, ControlLogix, and GuardLogix programmable logic controllers, related to errors in processing input data, allows a intruder to trigger a service failure.
The vulnerability of the microprogrammed software in Rockwell Automation’s CompactLogix, ControlLogix, and GuardLogix controllers is related to errors in processing input data. Exploiting this vulnerability can allow an attacker to cause malfunctions in the system...
CVE-2022-3752 Rockwell Automation GuardLogix and ControlLogix controllers Vulnerable to Denial-Of-Service Attack
An unauthorized user could use a specially crafted sequence of Ethernet/IP messages, combined with heavy traffic loading to cause a denial-of-service condition in Rockwell Automation Logix controllers resulting in a major non-recoverable fault. If the target device becomes unavailable, a user wou...
CVE-2022-3157 Rockwell Automation GuardLogix and ControlLogix controllers Vulnerable to Denial-Of-Service Attack
A vulnerability exists in the Rockwell Automation controllers that allows a malformed CIP request to cause a major non-recoverable fault MNRF and a denial-of-service condition DOS...
PT-2022-6079 · Rockwell Automation · Compactlogix +3
Name of the Vulnerable Software and Affected Versions: Rockwell Automation controllers affected versions not specified Rockwell Automation CompactLogix, ControlLogix, GuardLogix affected versions not specified Description: A vulnerability exists in the Rockwell Automation controllers that allows ...
The vulnerability of microprogrammed software in programmable logic controllers such as ControlLogix 5580, GuardLogix 5580, CompactLogix 5380, CompactLogix 5480, and Compact GuardLogix 5380 lies in improper code generation. This allows attackers to implant code into the controller that the user will be unable to detect.
The vulnerability of microprogrammed software in programmable logic controllers such as ControlLogix 5580, GuardLogix 5580, CompactLogix 5380, CompactLogix 5480, and Compact GuardLogix 5380 lies in improper code generation. Exploiting this vulnerability allows an intruder to implant code into the...
CVE-2022-1161
An attacker with the ability to modify a user program may change user program code on some ControlLogix, CompactLogix, and GuardLogix Control systems. Studio 5000 Logix Designer writes user-readable program code to a separate location than the executed compiled code, allowing an attacker to chang...
Code injection
An attacker with the ability to modify a user program may change user program code on some ControlLogix, CompactLogix, and GuardLogix Control systems. Studio 5000 Logix Designer writes user-readable program code to a separate location than the executed compiled code, allowing an attacker to chang...
CVE-2022-1161
CVE-2022-1161 affects Rockwell Automation’s Logix platforms (ControlLogix, CompactLogix, GuardLogix) via Studio 5000 Logix Designer. The root cause is that Studio 5000 writes user‑readable program code to a separate location from the executed compiled code, enabling an attacker to modify one copy...
CVE-2022-1161 ICSA-22-090-05 Rockwell Automation Logix Controllers
An attacker with the ability to modify a user program may change user program code on some ControlLogix, CompactLogix, and GuardLogix Control systems. Studio 5000 Logix Designer writes user-readable program code to a separate location than the executed compiled code, allowing an attacker to chang...
PT-2022-2353 · Rockwell Automation · Compactlogix 5480 +5
Name of the Vulnerable Software and Affected Versions: Rockwell Automation Studio 5000 Logix Designer all versions ControlLogix 5580 affected versions not specified GuardLogix 5580 affected versions not specified CompactLogix 5380 affected versions not specified CompactLogix 5480 affected version...
Rockwell Automation Studio 5000 Logix Designer
1. EXECUTIVE SUMMARY CVSS v3 7.7 ATTENTION: Low attack complexity Vendor: Rockwell Automation Equipment: Studio 5000 Logix Designer Vulnerability: Code Injection 2. RISK EVALUATION Successful exploitation of this vulnerability may allow an attacker to download a modified program to the...
Rockwell Automation Logix Controllers
1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: Logix Controllers Vulnerability: Inclusion of Functionality from Untrusted Control Sphere 2. RISK EVALUATION Successful exploitation of this vulnerability may allow an...