VulnCheck KEV: CVE-2021-22681

Rockwell Automation Studio 5000 Logix Designer Versions 21 and later, and RSLogix 5000 Versions 16 through 20 use a key to verify Logix controllers are communicating with Rockwell Automation CompactLogix 1768, 1769, 5370, 5380, 5480: ControlLogix 5550, 5560, 5570, 5580; DriveLogix 5560, 5730,...

CVE-2019-25276 Studio 5000 Logix Designer 30.01.00 - 'FactoryTalk Activation Service' Unquoted Service Path

Studio 5000 Logix Designer 30.01.00 contains an unquoted service path vulnerability in the FactoryTalk Activation Service that allows local users to potentially execute code with elevated privileges. Attackers can exploit the unquoted path in C:\Program Files x86\Rockwell Software\FactoryTalk...

PT-2026-5809

Name of the Vulnerable Software and Affected Versions Studio 5000 Logix Designer version 30.01.00 Description Studio 5000 Logix Designer 30.01.00 has an unquoted service path issue within the FactoryTalk Activation Service. This allows local users to potentially run code with higher privileges. T...

EUVD-2025-84343

A local server-side request forgery SSRF security issue exists within Studio 5000® Simulation Interface™ via the API. This vulnerability allows any Windows user on the system to trigger outbound SMB requests, enabling the capture of NTLM hashes...

CVE-2025-11696

A local server-side request forgery SSRF security issue exists within Studio 5000® Simulation Interface™ via the API. This vulnerability allows any Windows user on the system to trigger outbound SMB requests, enabling the capture of NTLM hashes...

CVE-2025-11697

The CVE-2025-11697 entry describes a local code-execution vulnerability in Rockwell Automation’s Studio 5000 Simulation Interface exposed via the API. The issue allows a Windows user on the system to perform path-traversal file access, leading to execution of scripts with Administrator privileges...

CVE-2025-11697 Studio 5000 ® Simulation Interface Local Code Execution

A local code execution security issue exists within Studio 5000® Simulation Interface™ via the API. This vulnerability allows any Windows user on the system to extract files using path traversal sequences, resulting in execution of scripts with Administrator privileges on system reboot...

CVE-2025-11696

CVE-2025-11696 affects Rockwell Automation Studio 5000 Simulation Interface via the API. Connected sources confirm two local vulnerabilities: (1) a local SSRF that lets any Windows user trigger outbound SMB requests to capture NTLM hashes, and (2) a local code execution issue (via path traversal)...

CVE-2025-11696 Studio 5000 ® Simulation Interface SSRF

A local server-side request forgery SSRF security issue exists within Studio 5000® Simulation Interface™ via the API. This vulnerability allows any Windows user on the system to trigger outbound SMB requests, enabling the capture of NTLM hashes...

CVE-2025-9437

A security issue exists within the Studio 5000 Logix Designer add-on profile AOP for the ArmorStart Classic distributed motor controller, resulting in denial-of-service. This vulnerability is possible due to the input of invalid values into Component Object Model COM methods...

CVE-2025-9437

The CVE-2025-9437 entry describes a denial-of-service vulnerability in the Studio 5000 Logix Designer add-on profile (AOP) used with Rockwell Automation’s ArmorStart Classic distributed motor controller. Technical details across connected sources indicate the issue stems from inputting invalid va...

EUVD-2025-34179

A security issue exists within the Studio 5000 Logix Designer add-on profile AOP for the ArmorStart Classic distributed motor controller, resulting in denial-of-service. This vulnerability is possible due to the input of invalid values into Component Object Model COM methods...

CVE-2025-9437 Rockwell Automation ArmorStart® AOP Denial-of-Service Vulnerability

A security issue exists within the Studio 5000 Logix Designer add-on profile AOP for the ArmorStart Classic distributed motor controller, resulting in denial-of-service. This vulnerability is possible due to the input of invalid values into Component Object Model COM methods...

PT-2025-41893

Name of the Vulnerable Software and Affected Versions Studio 5000 Logix Designer affected versions not specified Description A security issue exists that can lead to a denial-of-service condition. This is caused by providing invalid values to Component Object Model COM methods. The vulnerability...

CVE-2025-7971

CVE-2025-7971 affects Rockwell Automation’s Studio 5000 Logix Designer. The issue arises from unsafe handling of environment variables, where a path without a valid file can cause the application to crash and, in some cases, may allow arbitrary code execution locally. The available connected sour...

CVE-2021-22681

Rockwell Automation Studio 5000 Logix Designer Versions 21 and later, and RSLogix 5000 Versions 16 through 20 use a key to verify Logix controllers are communicating with Rockwell Automation CompactLogix 1768, 1769, 5370, 5380, 5480: ControlLogix 5550, 5560, 5570, 5580; DriveLogix 5560, 5730,...

PT-2022-2353 · Rockwell Automation · Compactlogix 5480 +5

Name of the Vulnerable Software and Affected Versions: Rockwell Automation Studio 5000 Logix Designer all versions ControlLogix 5580 affected versions not specified GuardLogix 5580 affected versions not specified CompactLogix 5380 affected versions not specified CompactLogix 5480 affected version...