Lucene search
K

563 matches found

Tenable Nessus
Tenable Nessus
added 2022/02/07 12:0 a.m.26 views

Rockwell Automation ControlLogix controllers Resource Management Errors (CVE-2012-6435)

Rockwell Automation SoftLogix controllers 19 and earlier; ControlLogix controllers 20 and earlier; GuardLogix controllers 20 and earlier; and MicroLogix 1100 and 1400 allow remote attackers to cause a denial of service control and communication outage via a CIP message that specifies a...

7.8CVSS5.4AI score0.41888EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2022/02/07 12:0 a.m.21 views

Rockwell (CVE-2015-6486)

SQL injection vulnerability on Allen-Bradley MicroLogix 1100 devices before B FRN 15.000 and 1400 devices before B FRN 15.003 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. This plugin only works with Tenable.ot. Please visit...

6.5CVSS6.2AI score0.04292EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/02/07 12:0 a.m.41 views

Rockwell Automation MicroLogix Denial Of Service (CVE-2012-4690)

Rockwell Automation Allen-Bradley MicroLogix controller 1100, 1200, 1400, and 1500; SLC 500 controller platform; and PLC-5 controller platform, when Static status is not enabled, allow remote attackers to cause a denial of service via messages that trigger modification of status bits. This plugin...

7.1CVSS5.8AI score0.0405EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2022/02/07 12:0 a.m.22 views

Rockwell Automation Allen-Bradley Micrologix 1100 Improper Handling of Length Parameter Inconsistency (CVE-2020-6111)

An exploitable denial-of-service vulnerability exists in the IPv4 functionality of Allen-Bradley MicroLogix 1100 Programmable Logic Controller Systems Series B FRN 16.000, Series B FRN 15.002, Series B FRN 15.000, Series B FRN 14.000, Series B FRN 13.000, Series B FRN 12.000, Series B FRN 11.000...

7.5CVSS7.2AI score0.04584EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2022/02/07 12:0 a.m.29 views

Rockwell Automation MicroLogix Controllers and RSLogix 500 Software Use of Client-Side Authentication (CVE-2020-6988)

Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior, A remote, unauthenticated attacker can send a request from the RSLogix 500 software to the victim's MicroLogix...

7.5CVSS7.1AI score0.03887EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2022/02/07 12:0 a.m.23 views

Rockwell Automation Allen-Bradley MicroLogix 1100 and 1400 Weak Password Requirements (CVE-2017-7903)

A Weak Password Requirements issue was discovered in Rockwell Automation Allen-Bradley MicroLogix 1100 programmable- logic controllers 1763-L16AWA, Series A and B, Version 16.00 and prior versions; 1763-L16BBB, Series A and B, Version 16.00 and prior versions; 1763-L16BWA, Series A and B, Version...

9.8CVSS7.4AI score0.02736EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2022/02/07 12:0 a.m.25 views

Rockwell Automation MicroLogix 1400 Controllers and 1756 ControlLogix Communications Modules Missing Authentication For Critical Function (CVE-2018-17924)

Rockwell Automation MicroLogix 1400 Controllers and 1756 ControlLogix Communications Modules An unauthenticated, remote threat actor could send a CIP connection request to an affected device, and upon successful connection, send a new IP configuration to the affected device even if the controller...

8.6CVSS7.8AI score0.043EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2022/02/07 12:0 a.m.18 views

Rockwell Automation MicroLogix Improper Authentication (CVE-2017-12088)

An exploitable denial of service vulnerability exists in the Ethernet functionality of the Allen Bradley Micrologix 1400 Series B FRN 21.2 and below. A specially crafted packet can cause a device power cycle resulting in a fault state and deletion of ladder logic. An attacker can send one...

8.6CVSS7.2AI score0.04537EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2022/02/07 12:0 a.m.26 views

Rockwell Automation Micrologix Improper Access Control (CVE-2017-14466)

An exploitable access control vulnerability exists in the data, program, and function file permissions functionality of Allen Bradley Micrologix 1400 Series B FRN 21.2 and before. A specially crafted packet can cause a read or write operation resulting in disclosure of sensitive information,...

10CVSS7.4AI score0.37317EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2022/02/07 12:0 a.m.26 views

Rockwell Automation MicroLogix Improper Authentication (CVE-2017-12090)

An exploitable denial of service vulnerability exists in the processing of snmp-set commands of the Allen Bradley Micrologix 1400 Series B FRN 21.2 and below. A specially crafted snmp-set request, when sent without associated firmware flashing snmp-set commands, can cause a device power cycle...

7.8CVSS7.5AI score0.0362EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2022/02/07 12:0 a.m.25 views

Rockwell Automation MicroLogix 1400 and CompactLogix 5370 Controllers URL Redirection to Untrusted Site (CVE-2019-10955)

In Rockwell Automation MicroLogix 1400 Controllers Series A, All Versions Series B, v15.002 and earlier, MicroLogix 1100 Controllers v14.00 and earlier, CompactLogix 5370 L1 controllers v30.014 and earlier, CompactLogix 5370 L2 controllers v30.014 and earlier, CompactLogix 5370 L3 controllers...

6.1CVSS6.5AI score0.03043EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2022/02/07 12:0 a.m.24 views

Rockwell Automation Micrologix Improper Access Control (CVE-2017-14463)

An exploitable access control vulnerability exists in the data, program, and function file permissions functionality of Allen Bradley Micrologix 1400 Series B FRN 21.2 and before. A specially crafted packet can cause a read or write operation resulting in disclosure of sensitive information,...

10CVSS7.3AI score0.38208EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2022/02/07 12:0 a.m.24 views

Rockwell Automation Micrologix Improper Access Control (CVE-2017-14471)

An exploitable access control vulnerability exists in the data, program, and function file permissions functionality of Allen Bradley Micrologix 1400 Series B FRN 21.2 and before. A specially crafted packet can cause a read or write operation resulting in disclosure of sensitive information,...

10CVSS7.3AI score0.37317EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2022/02/07 12:0 a.m.24 views

Rockwell Automation Micro800 and MicroLogix 1400 Channel Accessible By Non-Endpoint (CVE-2021-32926)

When an authenticated password change request takes place, this vulnerability could allow the attacker to intercept the message that includes the legitimate, new password hash and replace it with an illegitimate hash. The user would no longer be able to authenticate to the controller Micro800: Al...

7.5CVSS7.1AI score0.02188EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2022/02/07 12:0 a.m.33 views

Rockwell Automation Micrologix Improper Access Control (CVE-2017-14462)

An exploitable access control vulnerability exists in the data, program, and function file permissions functionality of Allen Bradley Micrologix 1400 Series B FRN 21.2 and before. A specially crafted packet can cause a read or write operation resulting in disclosure of sensitive information,...

10CVSS7.4AI score0.34166EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2022/02/07 12:0 a.m.19 views

Rockwell Automation MicroLogix 1400 Buffer Copy Without Checking Size of Input (CVE-2021-22659)

Rockwell Automation MicroLogix 1400 Version 21.6 and below may allow a remote unauthenticated attacker to send a specially crafted Modbus packet allowing the attacker to retrieve or modify random values in the register. If successfully exploited, this may lead to a buffer overflow resulting in a...

8.6CVSS7.2AI score0.01719EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2022/02/07 12:0 a.m.19 views

Rockwell Automation Micrologix Improper Access Control (CVE-2017-14465)

An exploitable access control vulnerability exists in the data, program, and function file permissions functionality of Allen Bradley Micrologix 1400 Series B FRN 21.2 and before. A specially crafted packet can cause a read or write operation resulting in disclosure of sensitive information,...

10CVSS7.3AI score0.34166EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2022/02/07 12:0 a.m.37 views

Rockwell Automation MicroLogix Controllers and RSLogix 500 Software Use of Hard-Coded Cryptographic Key (CVE-2020-6990)

Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior, The cryptographic key utilized to help protect the account password is hard coded into the RSLogix 500 binary file...

10CVSS7.4AI score0.04226EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2022/02/07 12:0 a.m.24 views

Rockwell Automation Micrologix Improper Access Control (CVE-2017-14473)

An exploitable access control vulnerability exists in the data, program, and function file permissions functionality of Allen Bradley Micrologix 1400 Series B FRN 21.2 and before. A specially crafted packet can cause a read or write operation resulting in disclosure of sensitive information,...

10CVSS7.4AI score0.37317EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2022/02/07 12:0 a.m.20 views

Rockwell Automation Allen-Bradley MicroLogix 1100 and 1400 Improper Restriction of Excessive Authentication Attempts (CVE-2017-7898)

An Improper Restriction of Excessive Authentication Attempts issue was discovered in Rockwell Automation Allen-Bradley MicroLogix 1100 programmable-logic controllers 1763-L16AWA, Series A and B, Version 16.00 and prior versions; 1763-L16BBB, Series A and B, Version 16.00 and prior versions;...

9.8CVSS7.4AI score0.0511EPSS
Exploits0References4
Rows per page
Query Builder