EUVD-2024-47235

Malicious code in bioql PyPI...

EUVD-2024-47439

Malicious code in bioql PyPI...

CVE-2024-9124 Rockwell Automation PowerFlex 6000T CIP Security denial-of-service Vulnerability

A denial-of-service vulnerability exists in the Rockwell Automation PowerFlex® 600T. If the device is overloaded with requests, it will become unavailable. The device may require a power cycle to recover it if it does not re-establish a connection after it stops receiving requests...

Rockwell Automation ControlLogix/GuardLogix 5580 and CompactLogix/Compact GuardLogix 5380 Improper Input Validation (CVE-2024-6077)

A denial-of-service vulnerability exists in the Rockwell Automation affected products when specially crafted packets are sent to the CIP Security Object. If exploited the device will become unavailable and require a factory reset to recover. This plugin only works with Tenable.ot. Please visit...

Rockwell Automation 5015-U8IHFT Denial of Service Vulnerability

The Rockwell Automation 5015-U8IHFT is a general purpose module from Rockwell Automation. A denial of service vulnerability exists in the Rockwell Automation 5015-U8IHFT, which can be exploited by an attacker to cause a denial of service when sending a specially crafted packet to a CIP security...

CVE-2024-6077

A denial-of-service vulnerability exists in the Rockwell Automation affected products when specially crafted packets are sent to the CIP Security Object. If exploited the device will become unavailable and require a factory reset to recover...

CVE-2024-6077

CVE-2024-6077 affects Rockwell Automation ControlLogix/GuardLogix 5580 and CompactLogix/Compact GuardLogix 5380 families. The root cause is improper input validation on the CIP Security object, leading to a denial-of-service where specially crafted packets can render the device unavailable and re...

Rockwell Automation ControlLogix/GuardLogix 5580 and CompactLogix/Compact GuardLogix 5380

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION : Exploitable remotely/low attack complexity Vendor : Rockwell Automation Equipment : ControlLogix/GuardLogix 5580 and CompactLogix/Compact GuardLogix 5380, CompactLogix 5480, 1756-EN4 Vulnerability : Improper Input Validation 2. RISK...

CVE-2024-6325

The v6.40 release of Rockwell Automation FactoryTalk® Policy Manager CVE-2021-22681 https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.PN1550.html and CVE-2022-1161 https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.PN1585.html by...

CVE-2024-6325

The v6.40 release of Rockwell Automation FactoryTalk® Policy Manager CVE-2021-22681 https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.PN1550.html and CVE-2022-1161 https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.PN1585.html by...

CVE-2024-6325

CVE-2024-6325 affects Rockwell Automation FactoryTalk System Services and Policy Manager (v6.40). The root cause is improper privilege management that exposes private keys used for certificates/PSKs, enabling a malicious user with machine access to impersonate resources on the secured network. Th...

CVE-2024-6325 Rockwell Automation Unsecured Private Keys in FactoryTalk® System Services

The v6.40 release of Rockwell Automation FactoryTalk® Policy Manager CVE-2021-22681 https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.PN1550.html and CVE-2022-1161 https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.PN1585.html by...

Rockwell Automation ControlLogix, GuardLogix, and CompactLogix

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.3 ATTENTION : Low attack complexity Vendor : Rockwell Automation Equipment : ControlLogix, GuardLogix, CompactLogix Vulnerability : Always-Incorrect Control Flow Implementation 2. RISK EVALUATION Successful exploitation of this vulnerability could...

Rockwell Automation Logix Controllers

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: Logix Controllers Vulnerability: Inclusion of Functionality from Untrusted Control Sphere 2. RISK EVALUATION Successful exploitation of this vulnerability may allow an...

CVE-2021-1392

A vulnerability in the CLI command permissions of Cisco IOS and Cisco IOS XE Software could allow an authenticated, local attacker to retrieve the password for Common Industrial Protocol CIP and then remotely configure the device as an administrative user. This vulnerability exists because...