92 matches found
EUVD-2020-28124
Malware in sbrugna...
EUVD-2020-28130
Malware in sbrugna...
EUVD-2011-3452
Malware in sbrugna...
EUVD-2020-28128
Malware in sbrugna...
CVE-2021-22681
Rockwell Automation Studio 5000 Logix Designer Versions 21 and later, and RSLogix 5000 Versions 16 through 20 use a key to verify Logix controllers are communicating with Rockwell Automation CompactLogix 1768, 1769, 5370, 5380, 5480: ControlLogix 5550, 5560, 5570, 5580; DriveLogix 5560, 5730,...
CVE-2020-6984
Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior, The cryptographic function utilized to protect the password in MicroLogix is discoverable...
CVE-2020-6988
Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior, A remote, unauthenticated attacker can send a request from the RSLogix 500 software to the victim’s MicroLogix...
CVE-2012-0221
The FactoryTalk FT RNADiagReceiver service in Rockwell Automation Allen-Bradley FactoryTalk CPR9 through SR5 and RSLogix 5000 17 through 20 does not properly handle the return value from an unspecified function, which allows remote attackers to cause a denial of service service outage via a craft...
Rockwell Automation多款产品 安全漏洞
Rockwell Automation RSLogix 500 and others are products of Rockwell Automation, a U.S. company.Rockwell Automation RSLogix 500 is a suite of programming software for industrial control systems.Rockwell Automation Rockwell Automation RSLogix Micro Developer and Starter is an industrial control...
The vulnerability of RSLogix 5 and RSLogix 500 software’s VBA scripts allows a perpetrator to execute arbitrary code.
The vulnerability of RSLogix 5 and RSLogix 500 VBA scripts in software applications is related to insufficient verification of data authenticity. Exploiting this vulnerability allows an attacker to execute arbitrary code, provided that the user opens a specially crafted RSP/RSS file for the proje...
Rockwell Automation RSLogix 5 and RSLogix 500
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.8 ATTENTION : Exploitable locally/high attack complexity Vendor : Rockwell Automation Equipment : RSLogix 5 and RSLogix 500 Vulnerability : Insufficient verification of data authenticity 2. RISK EVALUATION Successful exploitation of this vulnerability...
Rockwell (CVE-2012-0222) (deprecated)
Plugin deprecated because rslogix and factorytalk is not detectable in this way This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. @DEPRECATED@ Disabled on 2023/03/10. Deprecat...
Rockwell (CVE-2011-3489) (deprecated)
Plugin deprecated because RSLogix is not detectable in this way. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. @DEPRECATED@ Disabled on 2023/03/10. Deprecated because...
Rockwell Automation RSLogix Improper Access Control (CVE-2010-5305)
The potential exists for exposure of the product's password used to restrict unauthorized access to Rockwell PLC5/SLC5/0x/RSLogix 1785-Lx and 1747-L5x controllers. The potential exists for an unauthorized programming and configuration client to gain access to the product and allow changes to the...
Rockwell (CVE-2012-0221) (deprecated)
Plugin deprecated because rslogix and factorytalk is not detectable in this way This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. @DEPRECATED@ Disabled on 2023/03/10. Deprecat...
Rockwell Automation MicroLogix Controllers and RSLogix 500 Software Cleartext Storage of Sensitive Information (CVE-2020-6980)
Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior, If Simple Mail Transfer Protocol SMTP account data is saved in RSLogix 500, a local attacker with access to a...
Rockwell Automation MicroLogix Controllers and RSLogix 500 Software Use of Hard-Coded Cryptographic Key (CVE-2020-6990)
Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior, The cryptographic key utilized to help protect the account password is hard coded into the RSLogix 500 binary file...
Rockwell Automation MicroLogix Controllers and RSLogix 500 Software Use of Client-Side Authentication (CVE-2020-6988)
Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior, A remote, unauthenticated attacker can send a request from the RSLogix 500 software to the victim's MicroLogix...
Rockwellautomation Rslogix Insufficiently Protected Credentials
Rockwell Automation Studio 5000 Logix Designer Versions 21 and later, and RSLogix 5000 Versions 16 through 20 use a key to verify Logix controllers are communicating with Rockwell Automation CompactLogix 1768, 1769, 5370, 5380, 5480: ControlLogix 5550, 5560, 5570, 5580; DriveLogix 5560, 5730,...
CVE-2021-22681
Rockwell Automation Studio 5000 Logix Designer Versions 21 and later, and RSLogix 5000 Versions 16 through 20 use a key to verify Logix controllers are communicating with Rockwell Automation CompactLogix 1768, 1769, 5370, 5380, 5480: ControlLogix 5550, 5560, 5570, 5580; DriveLogix 5560, 5730,...