Lucene search
K

93 matches found

Tenable Nessus
Tenable Nessus
added 2022/02/07 12:0 a.m.19 views

Rockwell (CVE-2016-2277) (deprecated)

Plugin deprecated because integratedarchitecturebuilder is not detectable in this way This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. @DEPRECATED@ Disabled on 2023/03/10...

0.2AI score0.00902EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/02/07 12:0 a.m.25 views

Rockwell Automation ControlLogix Exposure of Sensitive Information to an Unauthorized Actor (CVE-2009-0474)

The web interface in the Rockwell Automation ControlLogix 1756-ENBT/A EtherNet/IP Bridge Module allows remote attackers to obtain internal web page information and internal information about the module via unspecified vectors. NOTE: this may overlap CVE-2002-1603. This plugin only works with...

5CVSS5.4AI score0.13671EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2021/08/10 12:0 a.m.32 views

Rockwellautomation Factorytalk Improper Restriction of Operations within the Bounds of a Memory Buffer

In all versions of FactoryTalk View SE, after bypassing memory corruption mechanisms found in the operating system, a local, authenticated attacker may corrupt the associated memory space allowing for arbitrary code execution. Rockwell Automation recommends applying patch 1126290. Before installi...

4.6CVSS2.2AI score0.006EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2021/08/10 12:0 a.m.24 views

Rockwellautomation Factorytalk Improper Handling of Exceptional Conditions

An unauthenticated remote attacker can send data to RsvcHost.exe listening on TCP port 5241 to add entries in the FactoryTalk Diagnostics event log. The attacker can specify long fields in the log entry, which can cause an unhandled exception in wcscpys if a local user opens FactoryTalk Diagnosti...

5CVSS2.5AI score0.33836EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/08/10 12:0 a.m.22 views

Rockwellautomation Rslinx Unrestricted Upload of File with Dangerous Type

FactoryTalk Linx versions 6.00, 6.10, and 6.11, RSLinx Classic v4.11.00 and prior,Connected Components Workbench: Version 12 and prior, ControlFLASH: Version 14 and later, ControlFLASH Plus: Version 1 and later, FactoryTalk Asset Centre: Version 9 and later, FactoryTalk Linx CommDTM: Version 1 an...

7.8CVSS2.8AI score0.01842EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/08/10 12:0 a.m.23 views

Rockwellautomation Micrologix Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

Rockwell Automation MicroLogix 1400 Version 21.6 and below may allow a remote unauthenticated attacker to send a specially crafted Modbus packet allowing the attacker to retrieve or modify random values in the register. If successfully exploited, this may lead to a buffer overflow resulting in a...

7.5CVSS3.3AI score0.01719EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2021/08/10 12:0 a.m.15 views

Rockwellautomation Logix Improper Restriction of XML External Entity Reference

Rockwell Automation Logix Designer Studio 5000 Versions 32.00, 32.01, and 32.02 vulnerable to an xml external entity XXE vulnerability, which may allow an attacker to view hostnames or other resources from the program. File data ot500474.nasl...

4.3CVSS3.9AI score0.01545EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/08/10 12:0 a.m.28 views

Rockwellautomation Rslinx Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

FactoryTalk Linx versions 6.00, 6.10, and 6.11, RSLinx Classic v4.11.00 and prior,Connected Components Workbench: Version 12 and prior, ControlFLASH: Version 14 and later, ControlFLASH Plus: Version 1 and later, FactoryTalk Asset Centre: Version 9 and later, FactoryTalk Linx CommDTM: Version 1 an...

5CVSS2.4AI score0.0523EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/08/10 12:0 a.m.18 views

Rockwellautomation Factorytalk Allocation of Resources Without Limits or Throttling

An attacker-controlled memory allocation size can be passed to the C++ new operator in the CServerManager::HandleBrowseLoadIconStreamRequest in messaging.dll. This can be done by sending a specially crafted message to 127.0.0.1:7153. Observed in FactoryTalk Linx 6.11. All versions of FactoryTalk...

2.1CVSS3.9AI score0.04776EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/08/10 12:0 a.m.21 views

Rockwellautomation Factorytalk Improper Handling of Exceptional Conditions

An attacker-controlled memory allocation size can be passed to the C++ new operator in RnaDaSvr.dll by sending a specially crafted ConfigureItems message to TCP port 4241. This will cause an unhandled exception, resulting in termination of RSLinxNG.exe. Observed in FactoryTalk 6.11. All versions ...

5CVSS2.7AI score0.38828EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/08/10 12:0 a.m.21 views

Rockwellautomation Flex Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

An exploitable denial of service vulnerability exists in the ENIP Request Path Data Segment functionality of Allen-Bradley Flex IO 1794-AENT/B. A specially crafted network request can cause a loss of communications with the device resulting in denial-of-service. An attacker can send a malicious...

7.8CVSS3.1AI score0.03515EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2021/08/10 12:0 a.m.55 views

Rockwellautomation Factorytalk Improper Input Validation

All versions of FactoryTalk View SE do not properly validate input of filenames within a project directory. A remote, unauthenticated attacker may be able to execute a crafted file on a remote endpoint that may result in remote code execution RCE. Rockwell Automation recommends applying patch...

6.8CVSS2.9AI score0.44984EPSS
Exploits4References4
Tenable Nessus
Tenable Nessus
added 2021/08/10 12:0 a.m.24 views

Rockwellautomation Factorytalk Improper Input Validation

A flaw exists in the Ingress/Egress checks routine of FactoryTalk Linx Version 6.11 and prior. This vulnerability could allow a remote, unauthenticated attacker to specifically craft a malicious packet resulting in a denial-of-service condition on the device. File data ot500455.nasl...

7.8CVSS5.3AI score0.01578EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/08/10 12:0 a.m.18 views

Rockwellautomation Factorytalk Heap-based Buffer Overflow

A heap overflow vulnerability exists within FactoryTalk Linx Version 6.11 and prior. This vulnerability could allow a remote, unauthenticated attacker to send malicious port ranges, which could result in remote code execution. File data ot500476.nasl...

7.5CVSS4.8AI score0.05461EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/08/10 12:0 a.m.16 views

Rockwellautomation Factorytalk Heap-based Buffer Overflow

A heap overflow vulnerability exists within FactoryTalk Linx Version 6.11 and prior. This vulnerability could allow a remote, unauthenticated attacker to send malicious set attribute requests, which could result in the leaking of sensitive information. This information disclosure could lead to th...

5CVSS2.1AI score0.03189EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/08/10 12:0 a.m.18 views

Rockwellautomation Factorytalk Improper Input Validation

In Rockwell Automation FactoryTalk Services Platform, all versions, the redundancy host service RdcyHost.exe does not validate supplied identifiers, which could allow an unauthenticated, adjacent attacker to execute remote COM objects with elevated privileges. File data ot500394.nasl...

5.8CVSS5.9AI score0.01099EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/08/10 12:0 a.m.20 views

Rockwellautomation Micrologix Unspecified Vulnerability

An exploitable denial-of-service vulnerability exists in the IPv4 functionality of Allen-Bradley MicroLogix 1100 Programmable Logic Controller Systems Series B FRN 16.000, Series B FRN 15.002, Series B FRN 15.000, Series B FRN 14.000, Series B FRN 13.000, Series B FRN 12.000, Series B FRN 11.000...

5CVSS2.4AI score0.04584EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2021/08/10 12:0 a.m.19 views

Rockwellautomation Micrologix Channel Accessible by Non-Endpoint

When an authenticated password change request takes place, this vulnerability could allow the attacker to intercept the message that includes the legitimate, new password hash and replace it with an illegitimate hash. The user would no longer be able to authenticate to the controller Micro800: Al...

5CVSS3AI score0.02188EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/08/10 12:0 a.m.29 views

Rockwellautomation Factorytalk Exposure of Sensitive Information to an Unauthorized Actor

All versions of FactoryTalk View SE disclose the hostnames and file paths for certain files within the system. A remote, authenticated attacker may be able to leverage this information for reconnaissance efforts. Rockwell Automation recommends enabling built in security features found within...

4CVSS1AI score0.53024EPSS
Exploits3References4
Tenable Nessus
Tenable Nessus
added 2021/08/10 12:0 a.m.17 views

Rockwellautomation Rslinx Improper Restriction of Operations within the Bounds of a Memory Buffer

A denial-of-service vulnerability exists in the Ethernet/IP server functionality of Rockwell Automation RSLinx Classic 2.57.00.14 CPR 9 SR 3. A specially crafted network request can lead to a denial of service. An attacker can send a sequence of malicious packets to trigger this vulnerability. Fi...

5CVSS4.2AI score0.03388EPSS
Exploits1References2
Rows per page
Query Builder