Lucene search
K

196 matches found

CVE
CVE
added 2021/03/03 5:59 p.m.138 views

CVE-2021-22681

CVE-2021-22681 affects Rockwell Automation Studio 5000 Logix Designer (versions 21+) and RSLogix 5000 (16–20). The issue is “Insufficiently Protected Credentials” (CWE-522): an unauthenticated attacker could bypass the verification key used to confirm Logix controller communication and authentica...

9.8CVSS9.4AI score0.25455EPSS
In wildExploits1References2Affected Software3
Positive Technologies
Positive Technologies
added 2021/03/03 12:0 a.m.5 views

PT-2021-2236

Name of the Vulnerable Software and Affected Versions Rockwell Automation Studio 5000 Logix Designer versions 21 and later, and RSLogix 5000 versions 16 through 20. Description An authentication bypass issue exists in Rockwell Automation's Studio 5000 Logix Designer and RSLogix 5000 software,...

10CVSS7.5AI score0.25455EPSS
Exploits1References44
Positive Technologies
Positive Technologies
added 2021/03/02 12:0 a.m.4 views

PT-2021-2365 · Rockwell Automation · Guardlogix 5370 +7

Name of the Vulnerable Software and Affected Versions: Rockwell Automation CompactLogix 5370 versions prior to 34 Rockwell Automation ControlLogix 5570 versions prior to 34 Rockwell Automation CompactLogix 5370 L1 versions prior to 34 Rockwell Automation CompactLogix 5370 L2 versions prior to 34...

8.6CVSS8.4AI score0.0174EPSS
Exploits0References8
ICS
ICS
added 2021/03/02 12:0 a.m.87 views

Rockwell Automation CompactLogix 5370 and ControlLogix 5570 Controllers (Update A)

1. EXECUTIVE SUMMARY CVSS v3 5.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Rockwell Automation Equipment: CompactLogix and ControlLogix controllers Vulnerability: Improper Input Validation 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory...

8.6CVSS7.3AI score0.0174EPSS
Exploits0References5
CNVD
CNVD
added 2021/01/19 12:0 a.m.3 views

Allen-Bradley CompactLogix L16ER Has Industrial Control Device Vulnerability

Allen-Bradley Automation provides customers with a full suite of components, products, control and information platforms, as well as support services and manufacturing solutions. An industrial control device vulnerability exists in Allen-Bradley CompactLogix L16ER. An attacker could exploit the...

6.7AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2019/12/26 12:0 a.m.4 views

The vulnerability of the microprogramming software used in MicroLogix 1400 A, MicroLogix 1400 B, MicroLogix 1100, CompactLogix 5370 L1, CompactLogix 5370 L2, and CompactLogix 5370 L3 allows a hacker to redirect the target user to a malicious website using a specially created link.

The vulnerability of microprogrammed logic controllers from MicroLogix, such as MicroLogix 1400 A, MicroLogix 1400 B, MicroLogix 1100, CompactLogix 5370 L1, CompactLogix 5370 L2, and CompactLogix 5370 L3, is related to the redirection of URLs to unreliable websites. Exploiting this vulnerability...

6.4CVSS6.3AI score0.03043EPSS
Exploits0References5Affected Software5
Tenable Nessus
Tenable Nessus
added 2019/11/08 12:0 a.m.24 views

Rockwellautomation Compactlogix Uncontrolled Resource Consumption

A Resource Exhaustion issue was discovered in Rockwell Automation ControlLogix 5580 controllers V28.011, V28.012, and V28.013; ControlLogix 5580 controllers V29.011; CompactLogix 5380 controllers V28.011; and CompactLogix 5380 controllers V29.011. This vulnerability may allow an attacker to cause...

7.1CVSS3.5AI score0.02633EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2019/11/08 12:0 a.m.25 views

Rockwellautomation Controllogix Unspecified Vulnerability

Rockwell Automation EtherNet/IP products; 1756-ENBT, 1756-EWEB, 1768-ENBT, and 1768-EWEB communication modules; CompactLogix L32E and L35E controllers; 1788-ENBT FLEXLogix adapter; 1794-AENTR FLEX I/O EtherNet/IP adapter; ControlLogix 18 and earlier; CompactLogix 18 and earlier; GuardLogix 18 and...

7.8CVSS5.6AI score0.41888EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/11/08 12:0 a.m.26 views

Rockwellautomation Controllogix Exposure of Sensitive Information to an Unauthorized Actor

Rockwell Automation EtherNet/IP products; 1756-ENBT, 1756-EWEB, 1768-ENBT, and 1768-EWEB communication modules; CompactLogix L32E and L35E controllers; 1788-ENBT FLEXLogix adapter; 1794-AENTR FLEX I/O EtherNet/IP adapter; ControlLogix 18 and earlier; CompactLogix 18 and earlier; GuardLogix 18 and...

5CVSS5.1AI score0.54168EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/11/08 12:0 a.m.29 views

Rockwellautomation Compactlogix Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Cross-site scripting XSS vulnerability in the web server in Rockwell Automation Allen-Bradley CompactLogix 1769-L before 28.011+ allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. File data ot500302.nasl...

4.3CVSS4.2AI score0.07531EPSS
Exploits5References4
Tenable Nessus
Tenable Nessus
added 2019/11/08 12:0 a.m.26 views

Rockwellautomation Compactlogix Improper Restriction of Operations within the Bounds of a Memory Buffer

An attacker could send a crafted HTTP/HTTPS request to render the web server unavailable and/or lead to remote code execution caused by a stack-based buffer overflow vulnerability. A cold restart is required for recovering CompactLogix 5370 L1, L2, and L3 Controllers, Compact GuardLogix 5370...

7.5CVSS5.1AI score0.09991EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2019/11/08 12:0 a.m.24 views

Rockwellautomation Compactlogix Improper Restriction of Operations within the Bounds of a Memory Buffer

An attacker could send crafted SMTP packets to cause a denial-of-service condition where the controller enters a major non-recoverable faulted state MNRF in CompactLogix 5370 L1, L2, and L3 Controllers, Compact GuardLogix 5370 controllers, and Armor Compact GuardLogix 5370 Controllers Versions 20...

7.8CVSS4.2AI score0.06104EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2019/11/08 12:0 a.m.41 views

Rockwellautomation Controllogix Unspecified Vulnerability

Rockwell Automation EtherNet/IP products; 1756-ENBT, 1756-EWEB, 1768-ENBT, and 1768-EWEB communication modules; CompactLogix L32E and L35E controllers; 1788-ENBT FLEXLogix adapter; 1794-AENTR FLEX I/O EtherNet/IP adapter; ControlLogix 18 and earlier; CompactLogix 18 and earlier; GuardLogix 18 and...

8.5CVSS5.9AI score0.28348EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/09/24 12:0 a.m.21 views

Rockwell Automation CompactLogix <= v30.014 Uncontrolled Resource Consumption or Stack-based Buffer Overflow (ICSA-19-120-01)

Binary data 720278.prm...

9.8CVSS7AI score0.09991EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/08/02 12:0 a.m.9 views

Rockwell Automation/Allen-Bradley 1769-L18ERM LOGIX5318ERM CompactLogix 5370 L1 Processor

Binary data 764811.prm...

7.3AI score
Exploits0
Check Point Advisories
Check Point Advisories
added 2019/05/26 12:0 a.m.6 views

Rockwell Automation CompactLogix 5370 Buffer Overflow Denial of Service (CVE-2019-10954)

A denial of service vulnerability exists in Rockwell Automation CompactLogix 5370 PLCs. A remote, unauthenticated attacker could send crafted SMTP configuration packets to cause denial of service conditions...

7.8CVSS4.7AI score0.06104EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2019/05/21 12:0 a.m.22 views

Rockwell Automation MicroLogix 1100/1400 and CompactLogix 5370 Controllers Open Redirection Vulnerability

The Rockwell Automation MicroLogix 1100/1400 or CompactLogix 5370 controller web server is affected by an open redirect vulnerability. An unauthenticated remote attacker can exploit this issue in conjunction with a social engineering attack to redirect the user to a malicious site that could run ...

5.8CVSS3.1AI score0.03043EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/05/13 12:0 a.m.17 views

Rockwell Automation/Allen-Bradley CompactLogix 1768 Detection

Binary data 67.prm...

7.3AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2019/05/13 12:0 a.m.13 views

Rockwell Automation/Allen-Bradley CompactLogix 1769-Lx PLC Detection

Binary data 68.prm...

7.3AI score
Exploits0
CNVD
CNVD
added 2019/05/10 12:0 a.m.1 views

Denial of Service Vulnerability in Rockwell Allen-Bradley 1769-L32E CompactLogix EtherNet Processor

The Rockwell Allen-Bradley 1769-L32E CompactLogix EtherNet Processor is a 1766-L32 Series Programmable Logic Controller PLC that provides an integrated ControlNet communication port that provides an integrated Ethernet interface. A denial of service vulnerability exists in the Rockwell...

6.7AI score
Exploits0
Rows per page
Query Builder