Lucene search
K

5599 matches found

CVE
CVE
added yesterday6 views

CVE-2026-12659

The CVE-2026-12659 issue affects Rockwell Automation’s Flex 5000® Adapter. It is a denial-of-service vulnerability caused by improper handling of exceptional conditions when processing crafted CIP packets sent to the adapter. The impact is a loss of availability in the affected module and I/O, wi...

8.7CVSS6.1AI score
Exploits0References1
CVE
CVE
added yesterday7 views

CVE-2026-9636

CVE-2026-9636 affects Rockwell CompactLogix 5380, ControlLogix 5580, and EN4 communications modules. The issue is in CIP Security certificate revocation handling: the controller may fail to reject certificates signed by intermediates that have been revoked via a CRL, potentially allowing a networ...

8.2CVSS6AI score
Exploits0References1
CVE
CVE
added yesterday21 views

CVE-2026-10577

The CVE-2026-10577 entry concerns the 1715-AENTR EtherNet/IP Adapter, where a network-accessible debug port does not enforce proper privilege controls. This allows unauthenticated remote access to destructive CLI commands, potentially enabling read/delete of files, stopping tasks, memory modifica...

10CVSS6.1AI score
Exploits0References1
CVE
CVE
added 2026/06/16 2:20 p.m.59 views

CVE-2026-0647

The 1794-AENTR adapter (Rockwell Automation FLEX I/O dual‑port EtherNet/IP) has an improper authentication flaw in its embedded web server. An unauthenticated attacker can change the device web interface password by sending a crafted HTTP GET request to a specific endpoint, without prior authenti...

8.8CVSS5.3AI score0.00435EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/16 2:20 p.m.38 views

CVE-2026-0647 Rockwell Automation FLEX I/O Dual-port EtherNet/IP Adapters – Multiple Vulnerabilities

An improper authentication security issue exists within the 1794-AENTR adapter's embedded web server. The vulnerability allows an unauthenticated attacker to change the device's web interface password by sending a crafted HTTP GET request to a specific endpoint, without any prior authentication...

8.8CVSS0.00435EPSS
Exploits0References1
CVE
CVE
added 2026/06/16 2:19 p.m.43 views

CVE-2026-0646

The affected product is Rockwell Automation 1794-AENTR adapters (EtherNet/IP). The issue is a denial-of-service caused by improper memory handling of CIP protocol requests in the 1794-AENTR adapter, which can cause the device to fault and drop connections to its linked I/O modules, requiring a ma...

8.7CVSS5.3AI score0.00343EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/16 2:19 p.m.34 views

CVE-2026-0646 Rockwell Automation FLEX I/O Dual-port EtherNet/IP Adapters – Multiple Vulnerabilities

A denial-of-service security issue exists within the 1794-AENTR adapter due to improper memory handling of CIP protocol requests. This vulnerability can result in the adapter faulting and losing connection to its associated I/O modules, requiring a manual reset to recover...

8.7CVSS0.00343EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/16 1:51 p.m.30 views

CVE-2025-14272 Rockwell Automation FactoryTalk Analytics PavilionX

A security issue was identified in Pavilion due to improper authorization enforcement in API endpoints. This vulnerability can allow an unauthorized actor to execute privileged operations, including user/role management and other administrative actions...

8.3CVSS0.00235EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/16 1:50 p.m.30 views

CVE-2025-13036 Rockwell Automation FactoryTalk Historian Site Edition - Authentication Bypass

An authentication bypass security issue exists within FactoryTalk Historian Site Edition. By continually sending requests to the login endpoint, an attacker may obtain a valid authentication token...

9.2CVSS0.0029EPSS
Exploits0References1
CVE
CVE
added 2026/06/16 1:42 p.m.35 views

CVE-2026-9307

The CVE-2026-9307 issue affects CompactLogix 5370 controllers where the web server exposes CIP Connection IDs on the diagnostics page to unauthenticated users, enabling an attacker to craft malicious packets and cause Denial-of-Service. The available documents do not specify affected firmware ver...

6.3CVSS5.3AI score0.00298EPSS
Exploits0References1
CVE
CVE
added 2026/06/16 1:39 p.m.46 views

CVE-2025-11694

The CVE-2025-11694 issue affects 1769 CompactLogix controllers (CIP protocol). The root cause is missing validation of sequence numbers and source IP addresses, enabling an attacker to abuse exposed Connection IDs visible on the web interface to trigger denial-of-service conditions resulting in a...

8.7CVSS5.3AI score0.0017EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/16 1:39 p.m.7 views

CVE-2025-11694 Rockwell Automation CompactLogix 5370 Controllers – Multiple Vulnerabilities

A security issue exists within 1769 CompactLogix controllers due to the missing validation of sequence numbers and source IP addresses in the CIP protocol. This allows attacker to abuse the exposed Connection ID’s visible on the web interface to perform denial-of-service attacks, resulting in...

8.7CVSS5.3AI score0.0017EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/16 1:39 p.m.32 views

CVE-2025-11694 Rockwell Automation CompactLogix 5370 Controllers – Multiple Vulnerabilities

A security issue exists within 1769 CompactLogix controllers due to the missing validation of sequence numbers and source IP addresses in the CIP protocol. This allows attacker to abuse the exposed Connection ID’s visible on the web interface to perform denial-of-service attacks, resulting in...

8.7CVSS0.0017EPSS
Exploits0References1
CVE
CVE
added 2026/06/16 1:10 p.m.67 views

CVE-2026-11317

CVE-2026-11317 affects Rockwell Automation Logix 5370 and 5570 controllers. The issue is a denial-of-service fault triggered by a crafted CIP message, with memory-constrained devices more likely to be affected. Consequences described are a major nonrecoverable fault (MNRF) requiring a program dow...

8.7CVSS5.3AI score0.00302EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/16 1:10 p.m.30 views

CVE-2026-11317 Rockwell Automation Logix 5370 and 5570 Controllers Vulnerable To Denial of Service Via CIP

A denial of service security issue exists in the affected product. The security issue stems from a fault occurring when a crafted CIP message is sent. Devices with less memory are more likely to be affected. This can result in a major nonrecoverable fault MNRF. A program download is required to...

8.7CVSS0.00302EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2026/04/08 4:23 a.m.11 views

Iran-Linked Hackers Disrupt U.S. Critical Infrastructure by Targeting Internet-Exposed PLCs

Iran-affiliated cyber actors are targeting internet-facing operational technology OT devices across critical infrastructures in the U.S., including programmable logic controllers PLCs, cybersecurity and intelligence agencies warned Tuesday. "These attacks have led to diminished PLC functionality,...

6.2AI score
Exploits0
Circl
Circl
added 2026/03/10 4:0 a.m.6 views

CVE-2020-25178

creationtimestamp| type| source ---|---|--- 2026-03-10 04:00:00+00:00| seen| https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1771.html...

9.3CVSS7.2AI score0.01631EPSS
Exploits0References1
Circl
Circl
added 2026/03/10 4:0 a.m.6 views

CVE-2025-13824

creationtimestamp| type| source ---|---|--- 2026-03-10 04:00:00+00:00| seen| https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1771.html...

8.7CVSS5.9AI score0.00299EPSS
Exploits0References1
Circl
Circl
added 2026/03/10 4:0 a.m.4 views

CVE-2025-13823

creationtimestamp| type| source ---|---|--- 2026-03-10 04:00:00+00:00| seen| https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1771.html...

7.1CVSS5.9AI score0.00185EPSS
Exploits0References1
Circl
Circl
added 2026/03/10 4:0 a.m.6 views

CVE-2020-25176

creationtimestamp| type| source ---|---|--- 2026-03-10 04:00:00+00:00| seen| https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1771.html...

9.8CVSS7.2AI score0.06062EPSS
Exploits0References1
Rows per page
Query Builder