VulnCheck KEV: CVE-2021-22681

Rockwell Automation Studio 5000 Logix Designer Versions 21 and later, and RSLogix 5000 Versions 16 through 20 use a key to verify Logix controllers are communicating with Rockwell Automation CompactLogix 1768, 1769, 5370, 5380, 5480: ControlLogix 5550, 5560, 5570, 5580; DriveLogix 5560, 5730,...

PT-2022-2065 · Rockwell Automation · Flexlogix +6

Name of the Vulnerable Software and Affected Versions: Rockwell Automation ControlLogix, CompactLogix, and GuardLogix Control systems affected versions not specified Rockwell Automation FlexLogix, DriveLogix, and SoftLogix affected versions not specified Description: The issue allows an attacker ...

Rockwell Automation Logix Controllers

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: Logix Controllers Vulnerability: Inclusion of Functionality from Untrusted Control Sphere 2. RISK EVALUATION Successful exploitation of this vulnerability may allow an...

Rockwell Automation ControlLogix controllers Resource Management Errors (CVE-2012-6435)

Rockwell Automation SoftLogix controllers 19 and earlier; ControlLogix controllers 20 and earlier; GuardLogix controllers 20 and earlier; and MicroLogix 1100 and 1400 allow remote attackers to cause a denial of service control and communication outage via a CIP message that specifies a...

CVE-2021-22681

Rockwell Automation Studio 5000 Logix Designer Versions 21 and later, and RSLogix 5000 Versions 16 through 20 use a key to verify Logix controllers are communicating with Rockwell Automation CompactLogix 1768, 1769, 5370, 5380, 5480: ControlLogix 5550, 5560, 5570, 5580; DriveLogix 5560, 5730,...

CVE-2021-22681

CVE-2021-22681 affects Rockwell Automation Studio 5000 Logix Designer (Versions 21+) and RSLogix 5000 (16–20). The root cause is an insecure authentication/verification mechanism used to validate that Logix controllers are communicating with Rockwell hardware (e.g., CompactLogix, ControlLogix, Gu...

PT-2021-2236

Name of the Vulnerable Software and Affected Versions Rockwell Automation Studio 5000 Logix Designer versions 21 and later, and RSLogix 5000 versions 16 through 20. Description An authentication bypass issue exists in Rockwell Automation's Studio 5000 Logix Designer and RSLogix 5000 software,...

Rockwell_automation Softlogix Improper Restriction of Operations within the Bounds of a Memory Buffer

An issue was discovered in Rockwell Automation Logix5000 Programmable Automation Controller FRN 16.00 through 21.00 excluding all firmware versions prior to FRN 16.00, which are not affected. By sending malformed common industrial protocol CIP packet, an attacker may be able to overflow a...

Rockwellautomation Controllogix Unspecified Vulnerability

Rockwell Automation EtherNet/IP products; 1756-ENBT, 1756-EWEB, 1768-ENBT, and 1768-EWEB communication modules; CompactLogix L32E and L35E controllers; 1788-ENBT FLEXLogix adapter; 1794-AENTR FLEX I/O EtherNet/IP adapter; ControlLogix 18 and earlier; CompactLogix 18 and earlier; GuardLogix 18 and...

Rockwell Automation/Allen-Bradley 1789-L10 SoftLogix 5800 PLC

Binary data 750601.prm...

Rockwell Automation/Allen-Bradley 1789-L30 SoftLogix 5800 PLC

Binary data 750602.prm...

Rockwell Automation/Allen-Bradley Ethernet/IP Products Authentication Bypass

Binary data 720028.prm...

Rockwell Automation/Allen-Bradley 1789-L60 SoftLogix 5800 PLC

Binary data 750603.prm...

Rockwell Automation Logix5000 Programmable Automation Controller Buffer Overflow Vulnerability (Update A)

OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSA-16-343-05 Rockwell Automation Logix5000 Programmable Automation Controller Buffer Overflow Vulnerability that was published January 5, 2017, on the NCCIC/ICS-CERT web site. Rockwell Automation has identified a buff...

Rockwell Automation ControlLogix 远程拒绝服务漏洞

漏洞起因 边界条件错误影响系统Rockwell Automation Micrologix 1400 Rockwell Automation Micrologix 1100远程攻击者可以利用漏洞使设备崩溃。攻击所需条件 攻击者必须访问Rockwell Automation MicroLogix产品。漏洞信息Rockwell Automation MicroLogix是一款可编程控制器平台。 设备没有校验要拷贝到缓冲区的数据，允许远程攻击者可以向2222/TCP, 2222/UDP,...

CVE-2012-6435

When an affected product receives a valid CIP message from an unauthorized or unintended source to Port 2222/TCP, Port 2222/UDP, Port 44818/TCP, or Port 44818/UDP that instructs the CPU to stop logic execution and enter a fault state, a DoS can occur. This situation could cause loss of availabili...

CVE-2012-6442

When an affected product receives a valid CIP message from an unauthorized or unintended source to Port 2222/TCP, Port 2222/UDP, Port 44818/TCP, or Port 44818/UDP that instructs the product to reset, a DoS can occur. This situation could cause loss of availability and a disruption of communicatio...

Design/Logic Flaw

Rockwell Automation EtherNet/IP products; 1756-ENBT, 1756-EWEB, 1768-ENBT, and 1768-EWEB communication modules; CompactLogix L32E and L35E controllers; 1788-ENBT FLEXLogix adapter; 1794-AENTR FLEX I/O EtherNet/IP adapter; ControlLogix 18 and earlier; CompactLogix 18 and earlier; GuardLogix 18 and...

CVE-2012-6441 Rockwell Automation ControlLogix PLC Information Exposure

An information exposure of confidential information results when the device receives a specially crafted CIP packet to Port 2222/TCP, Port 2222/UDP, Port 44818/TCP, or Port 44818/UDP. Successful exploitation of this vulnerability could cause loss of confidentiality. Rockwell Automation EtherNet/I...

CVE-2012-6439 Rockwell Automation ControlLogix PLC Improper Access Control

When an affected product receives a valid CIP message from an unauthorized or unintended source to Port 2222/TCP, Port 2222/UDP, Port 44818/TCP, or Port 44818/UDP that changes the product’s configuration and network parameters, a DoS condition can occur. This situation could cause loss of...