Rockwell Automation Security Advisories

We investigate all internally and externally reported security issues and publish security advisories for all validated security vulnerabilities. These advisories allow our customers and partners to assess the impact of the vulnerabilities and take appropriate action.

Have a Security Concern? SIGN UP FOR ALERTS

VULNERABILITY POLICY

Trust Center

RSS FEED

Welcome to the new Rockwell Automation Security Advisory portal. Click here to read more about our security advisory initiative.

Sort & Filter

Filter & Refine

264 Results

Showing

264

Results

Sort By:

Alphabetical (A-Z)
Alphabetical (Z-A)
Most Recent
Oldest

Most Recent

Narrow Results

Sort By

Alphabetical (A-Z)
Alphabetical (Z-A)
Most Recent
Oldest

Published Date

Start Date

End Date

S	M	T	W	T	F	S
				1	2	3
4	5	6	7	8	9	10
11	12	13	14	15	16	17
18	19	20	21	22	23	24
25	26	27	28	29	30	31

Last Updated Date

Start Date

End Date

S	M	T	W	T	F	S
				1	2	3
4	5	6	7	8	9	10
11	12	13	14	15	16	17
18	19	20	21	22	23	24
25	26	27	28	29	30	31

CVSS Score

Critical 9.0-10.0
(79)
High 7.0-8.9
(163)
Medium 4.0-6.9
(65)
Low 0.1-3.9
(10)

Product

Search Product

AADVance
(2)
Arena Simulation Software
(3)
Cloud Manufacturing Software
(2)
Drives
(1)
Drives, AC Low Voltage
(1)
Emulate3D Digital Twin
(1)
FactoryTalk Analytics
(1)
FactoryTalk Batch
(1)
FactoryTalk DataMosaix
(2)
FactoryTalk Logix Echo
(1)
FactoryTalk Optix
(1)
FactoryTalk Pavillion
(2)
FactoryTalk ThinManager
(3)
FactoryTalk Updater
(1)
FactoryTalk View ME
(2)
FactoryTalk View SE
(3)
Hardware
(102)
Hazardous Location Switches
(1)
I O Modules
(1)
Kepware Enterprise
(1)
Large Control Systems
(5)
Micro & Nano Control Systems
(1)
PowerMonitor 1000
(1)
RSLogix 5
(1)
RSLogix 500
(1)
RSLogix Micro
(1)
Safety Programmable Controllers
(1)
Services
(2)
Small Control Systems
(2)
Software
(117)

Known Exploited Vulnerability (KEV)

Yes
(2)
No
(262)

Corrected

Yes
(72)
No
(192)

Workaround

Yes
(31)
No
(233)

Products Affected

Search Products

FactoryTalk Linx Gateway
(15)
KEPServer
(1)
MicroLogix 1100 and 1400 controller
(2)
Third Party
(5)
Compliance / Audit Trail / Security
(5)
RSBizWare Machine Performance
(4)
PLC5/250
(4)
ControlPak General
(4)
RSWire
(4)
ProcessPak
(5)
Historian Classic
(4)
Security Server
(4)
Integration Manager
(5)
6200-PLC3
(4)
RSLogix Frameworks
(4)
SOS
(5)
RSLogix 500
(8)
AI-5
(4)
dsShopLib
(5)
Arena
(8)
Foundation Server
(5)
Shop Operations
(5)
RSLibrary Builder
(4)
RSBizWare Coordinator
(4)
Reporting (form based)
(5)
AI-Micro
(4)
RSView32 WebServer
(5)
AI-3
(4)
E-Plan
(1)
Database
(5)
FactoryTalk ViewPoint
(6)
RSData OCX
(4)
SPC
(5)
Admin Tools
(5)
RSView32 SPC
(5)
FactoryTalk VantagePoint
(8)
App Solutions Documentation
(5)
Business Objects
(5)
Migration
(5)
Master Disk Copy Protection
(4)
Studio 5000 View Designer
(8)
RSGuardian
(4)
RSBizWare Tracker
(4)
Raise Software
(4)
RSToolPak II
(4)
FactoryTalk View SE
(14)
Reporting
(5)
Interface Manager
(5)
DataDisc
(4)
MaterialTrack
(4)
RSLogix 5
(6)
Operator Certification
(5)
Live Transfer
(5)
ThinManager
(8)
ControlView
(4)
Advisor
(4)
Printing
(4)
RSLogix Emulate 5000 / Studio 5000 Logix Emulate
(9)
LiveData
(6)
Agile
(5)
Installation
(5)
RSLogix Emulate 500
(5)
RSPower
(4)
Entek
(4)
Knowledge Documentation
(5)
RSLogix Emulate 5
(5)
PBase
(4)
Build Utility
(5)
FactoryTalk Services Platform
(17)
Shop Operation
(5)
Foundation Client
(5)
AI-5/250
(4)
AI-500
(4)
NCR/CAR/IQA
(5)
WINtelligent Recipe
(4)
RSView32
(6)
6200-PLC5
(4)
FactoryTalk Activation
(10)
Purge
(5)
FactoryTalk Historian SE
(10)
RSEnterprise Controls
(4)
WINtelligent Logic 5
(4)
WSIntegrate
(5)
PID Logistics 500
(4)
SoftLogix5800
(7)
RSMACC
(4)
FactoryTalk VantagePoint EMI
(4)
RSPowerTools
(4)
RSView32 Messenger
(5)
Supplier Manager
(5)
RSView32 Active Display
(5)
Maintenance Releases
(5)
100/150 PCD
(4)
Connected Components Workbench
(8)
Logix Emulate
(2)
ComplianceTrack
(4)
RSBizWare Scheduler
(4)
RSTools
(4)
Portlets
(4)
PID Logistics 5
(4)
WINtelligent Quality
(4)
AI-2
(4)
GEMS
(4)
Documentation
(5)
PLC2A and T3
(4)
General Computer
(4)
ERP Integration Gateway
(4)
ETL
(5)
Historical Transfer
(5)
ECO
(5)
Activities
(5)
RSTestStand
(4)
RSWorkbench
(4)
RS PMX CTM
(4)
RSBizWare Line Performance
(4)
Production Management Client
(5)
RSLadder
(5)
Data
(5)
RMA
(5)
DataSite Workbench
(4)
Logix Designer
(14)
Thin Client
(5)
FactoryTalk Integrator
(4)
FactoryTalk Network Manager
(1)
AI Emulate 500
(4)
RSPower32
(4)
AI Emulate 5
(4)
Administration
(5)
Production Execution Client
(5)
1757 ProcessLogix
(4)
WINtelligent View
(4)
JD Edwards
(5)
Dashboard
(5)
Integrated Architecture Builder (IAB)
(5)
WINtelligent HMI
(4)
PMX
(4)
6200-5/250
(4)
eProcedure
(4)
RSView - 16 Bit
(4)
RSChart
(4)
ActiveX Control
(5)
FactoryTalk Metrics
(7)
TrendX
(5)
Universe Manager
(5)
FactoryTalk AssetCentre
(9)
RSTrend
(4)
Knowledge Installation
(5)
Sampling Plans
(5)
General
(4)
RSSidewinderX
(4)
Configuration Tool
(5)
FactoryTalk Transaction Manager
(8)
Consumer Packaged Goods Suite
(5)
Studio 5000 Application Code Manager (ACM)
(4)
API
(5)
AI-100/150
(4)
PCO Software (6723)
(4)
Reports (Out-of-box)
(5)
FactoryTalk Batch
(5)
PlantMetrics
(5)
FactoryTalk EnergyMetrix
(7)
FactoryTalk View ME
(7)
SoftLogix5
(5)
FactoryTalk Analytics for Machines
(4)
Process Designer
(5)
WINtelligent Trend
(4)
RSPocketLogix
(4)
Reports (Custom)
(5)
Other
(4)
6200-PLC2
(4)
Automotive Suite
(5)
RSMailman
(4)
Quality Assurance (6.x)
(5)
ICAPA
(5)
RSLogix Architect / Studio 5000 Architect
(5)
Equipment Manager
(5)
GUI
(4)
FactoryTalk Analytics for Devices
(5)
CtrlContainer
(4)
Complaint Handling
(5)
RSToolPak I
(4)
Server Configuration
(4)
Pavilion
(5)
RSData VBX
(4)
Authentication
(4)
9303 DriveTools SP
(1)
1756-L83ES
(1)
Standard Controllers
(2)
1756-L84ES
(1)
1756-L81ES
(1)
5069 CompactLogix
(2)
1756-L82ES
(1)
5069 Compact GuardLogix 5380
(4)
KEPServe Enterprise
(1)
RSLinx Classic (Single Node
(11)
FactoryTalk Linx / RSLinx Enterprise
(5)
1769 CompactLogix Controllers
(4)
1769 CompactLogix 5370
(3)
1756/5069 GuardLogix
(3)
1768 CompactLogix Controllers
(2)
ControlLogix Hardware
(1)
1763 MicroLogix 1100
(5)
MicroLogix
(1)
SLC 500 and PLC5 Controller Vulnerability
(1)
MicroLogix Web Redirect
(1)
6181X Hazardous Non-Display
(3)
650R Non-Display Computers
(3)
750R Non-Display Computers
(3)
6181 Computers
(3)
1450R Non-Display Computers
(3)
6180 Computers with Keypad
(3)
Legacy
(2)
6155 Compact Computers
(3)
6181X Hazardous Integrated Display
(3)
PlantPAx
(5)
1766 MicroLogix 1400
(5)
Stratix 5900 Services Router
(3)
Arena® Simulation Software
(2)
MicroLogix 1400 DNP3
(1)
MicroLogix 1100 Web Server Buffer Overflow
(1)
FactoryTalk® Service Platform
(2)
Stratix 5400 Industrial Ethernet Switch
(9)
Stratix 8300 L3 Modular Managed Switch
(6)
Stratix 5410 Ind Distribution Switch
(9)
Stratix 8000 Modular Managed Switch
(7)
Ethernet/IP Network
(5)
1756 ControlLogix I/O
(9)
5069-L330ERMS2K
(1)
5069-L340ERMS2
(1)
PowerFlex 6000
(3)
5069-L3100ERS2
(1)
PowerFlex 755
(2)
5069-L3100ERMS2
(1)
5069-L306ERMS2
(1)
2198 Kinetix 5700 Drive
(2)
iTRAK
(1)
5069-L350ERMS2K
(1)
5069-L320ERMS2K
(1)
5069-L320ERMS2
(1)
5069-L330ERS2K
(1)
5069-L330ERMS2
(1)
5069-L320ERS2K
(1)
5069-L350ERS2K
(1)
5069-L380ERMS2
(1)
PowerFlex 755T
(1)
1756 ControlLogix
(6)
5069-L350ERMS2
(1)
5069-L380ERS2
(1)
Stratix 5950 Security Appliance
(2)
Stratix 5100 WAP/Workgroup Bridge
(1)
CompactLogix 5370
(2)
MicroLogix 1400 SNMP Credentials
(1)
AADvance
(3)
ISaGRAF
(4)
Trusted
(1)
FactoryTalk Activation Manager
(1)
PowerFlex 7000 Writeable Parameters
(1)
LP30 Operator Panel
(1)
LP40 Operator Panel
(1)
BM40 Operator Panel
(1)
LP50 Operator Panel
(1)
Armor PowerFlex Critical Fault
(1)
Production Management
(1)
2711P PanelView Plus 6 Logic Modules
(3)
2711P PanelView Plus 6 400-1500
(3)
ControlLogix Communication - Ethernet/IP
(1)
FactoryTalk View Machine Edition
(2)
RSLinx Classic
(1)
Kepserver Enterprise
(2)
Armor Compact Logix
(1)
Compact GaurdLogix 5370
(1)
FactoryTalk Analytics LogixAI
(1)
FactoryTalk Linx OPC UA Connector
(1)
1785-L11B
(1)
1785-L20B
(1)
1785-L30B
(1)
1785-L40L
(1)
1785-L60B
(1)
1785-L60L
(1)
1785-L80B
(1)
RSNetWorx
(3)
CVE-2024-6089
(1)
Communications Modules
(1)
Current Program Updater v1.1.0.7
(1)
Comms Modules
(1)
Network Address Translation (NAT) Device
(2)
FactoryTalk Updater
(1)
FactoryTalk® View Site Edition
(1)
PowerFlex® 527
(1)
MicroLogix Controllers
(1)
Ethernet/IP Connected Products
(3)
1794 FlexLogix
(1)
1769 Compact GuardLogix 5370
(4)
RSLogix 5000 / Studio 5000 Logix Designer
(4)
PowerFlex 525 AC Drives
(1)
FactoryTalk ProductionCentre
(1)
1768/1769/5069 CompactLogix
(3)
1769 Compact I/O
(1)
1732E ArmorBlock I/O
(3)
1747 SLC 500
(1)
1756/1769/5069/2080 Chassis-based I/O
(1)
1408 PowerMonitor 1000
(3)
Stratix 5700 Managed Switch
(7)
FactoryTalk® View ME
(1)
Connected Components Workbench (CCW)
(1)
Arena® Input Analyzer
(1)
Flex I/O
(2)
1426 PowerMonitor 5000
(1)
ArmorStratix 5700 Managed Switch
(3)
2198 Kinetix 5500 Drive
(1)
MicroLogix 1400
(1)
ControlLogix
(1)
CompactLogix
(1)
GuardLogix
(1)
SoftLogix
(1)
Using CCW with Micro800 Controllers
(3)
Using CCW with Component Class Drives
(3)
Using CCW with PanelView Component Terminals
(3)
ThingWorx Connection Server
(1)
ThinManager ThinServer Input Validation Vulnerabilities
(1)
POINT I/O Communication Interfaces
(1)
Stratix® 5200
(1)
Stratix® 5800
(1)
PowerFlex 7000
(1)
ControlLogix 1756-ENBT/A Ethernet/IP Bridge
(1)
FactoryTalk Analytics DataView
(1)
Micro800
(2)
Safety Instrumented System Workstation
(1)
ISaGRAF® Workbench
(1)
440G TLS-Z
(1)
1756-ENBT
(1)
__productNames
(1)
Stratix 5800 Switch
(1)
FactoryTalk Policy Manager
(1)
FactoryTalk System Services
(1)
1734 Point I/O
(1)
Compact Logix 5370
(1)
MicroLogix
(1)
MicroLogix 1100 Controllers
(1)
MicroLogix Controllers
(1)
1715 Distributed I/O
(1)
1715 Redundant I/O
(1)
ArmorStart
(2)
PanelView Plus 6 Compact
(1)
6186M Performance Monitor
(1)
6176M Standard Monitor
(1)
2711T MobileView Tethered
(1)
PanelView 800
(2)
2711T MobileView Accessories
(1)
2711P PanelView Plus 7 Performance
(1)
PanelView Component
(1)
PanelView 5000
(1)
2711P PanelView Plus 7 Standard
(1)
ControlLogix Communications - Ethernet/IP
(1)
1794 Flex
(1)
1794/5094 Distributed I/O
(1)
ThingWorx Industrial Connectivity
(1)
ThingWorx
(1)
1763-L16xxx
(1)
1766-L32xxx
(1)
FactoryTalk Edge Gateway
(1)
1756 - EN2TR and 1756-EN3TR
(1)
1732E-OB16M12DR Series B
(1)
1732E-IB16M12R Series B
(1)
1734-AENTR
(1)
1732E-OB16M12R Series B
(1)
1732E-IB16M12DR Series B
(1)
1732E-8X8M12DR Series B
(1)
1738-AENTR Series A
(1)
1732E-12X4M12P5QCDR Series A
(1)
1732E-12X4M12QCDR Series A
(1)
1732E-16CFGM12QCR Series A
(1)
1734-AENT
(1)
1732E-16CFGM12P5QCR Series A
(1)
1732E-16CFGM12R Series B
(1)
1799ER-IQ10XOQ10 Series B
(1)
1732E-16CFGM12P5QCWR Series B
(1)
1732E-16CFGM12QCWR Series A
(1)
MicroLogix Controller
(1)
MicroLogix Controller
(1)
5069 Compact I/O
(1)
High-Frequency RFID
(1)
FactoryTalk® Linx
(1)
Installing CCW
(1)
MicroLogix 1401
(1)
1747-L5x
(1)
1785-Lx
(1)
1756-L71S
(1)
1756-L72S
(1)
1756-L73S
(1)
FactoryTalk® Services Platform
(1)
ControlLogix® 5570
(1)
GuardLogix® 5570
(1)
ControlLogix® 5570 Redundancy
(1)
ControlLogix 5580 and Compact Logix 5380 Progammable Automation Controller
(1)
Software
(1)
FactoryTalk ThinManager
(1)
PanelView 5510
(1)
1756-L72
(1)
L73
(1)
L74
(1)
L75
(1)
1789 SoftLogi PC
(1)
PanelView 800, PanelView Component Refresh (PanelView 800)
(1)
5015-AENFTXT
(1)
FactoryTalk View
(1)

Filter Results

Showing

264

Results

Published Date:

April 17, 2025

Last Updated:

April 17, 2025

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

High

SD1727 | Local Privilege Escalation and denial-of-service Vulnerability in ThinManager® MZ Test

Published Date:

April 15, 2025

Last Updated:

April 15, 2025

CVSS Scores (v3.1):

7.8

CVSS Scores (v4.0):

8.5

CVE IDs:

CVE-2025-3617 , CVE-2025-3618

Known Exploited Vulnerability (KEV):

Corrected:

Yes

Workaround:

More Details Less Details

High

SD1726 | Local Code Execution Vulnerabilities in Arena®

Published Date:

April 07, 2025

Last Updated:

April 07, 2025

CVSS Scores (v3.1):

7.8

CVSS Scores (v4.0):

8.5

CVE IDs:

CVE-2025-2285, CVE-2025-2286, CVE-2025-2287, CVE-2025-2288, CVE-2025-2293, CVE-2025-2829, CVE-2025-3285, CVE-2025-3286, CVE-2025-3287, CVE-2025-3288, CVE-2025-3289

Known Exploited Vulnerability (KEV):

Corrected:

Yes

Workaround:

More Details Less Details

High

SD1725 | Third-party Local Code Execution Vulnerability in 440G TLS-Z

Published Date:

March 24, 2025

Last Updated:

March 24, 2025

CVSS Scores (v3.1):

7.0

CVSS Scores (v4.0):

7.3

CVE IDs:

CVE 2020-27212

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

Yes

More Details Less Details

Critical

SD1724 | Lifecycle Services with Veeam Backup and Replication are Vulnerable to third-party Vulnerabilities

Published Date:

March 21, 2025

Last Updated:

March 21, 2025

CVSS Scores (v3.1):

9.9

CVSS Scores (v4.0):

9.4

CVE IDs:

CVE-2025-23120

Known Exploited Vulnerability (KEV):

Corrected:

Yes

Workaround:

Yes

More Details Less Details

Critical

SD1723 | Admin Shell Access Vulnerability in Verve Asset Manager

Published Date:

March 20, 2025

Last Updated:

March 20, 2025

CVSS Scores (v3.1):

9.1

CVSS Scores (v4.0):

8.9

CVE IDs:

CVE-2025-1449

Known Exploited Vulnerability (KEV):

Corrected:

Yes

Workaround:

More Details Less Details

Critical

SD1722 | Lifecycle Services with VMware are Vulnerable to third-party Vulnerabilities

Published Date:

March 07, 2025

Last Updated:

March 07, 2025

CVSS Scores (v3.1):

9.3, 8.2, 7.1

CVSS Scores (v4.0):

9.4, 9.3, 8..2

CVE IDs:

CVE-2025-22224, CVE-2025-22225, CVE-2025-22226

Known Exploited Vulnerability (KEV):

Yes

Corrected:

Yes

Workaround:

Yes

More Details Less Details

Critical

SD1721 | FactoryTalk® AssetCentre Multiple Vulnerabilities

Published Date:

January 29, 2025

Last Updated:

January 29, 2025

CVSS Scores (v3.1):

9.8, 7.0, 7.8

CVSS Scores (v4.0):

9.3, 7.3, 7.0

CVE IDs:

CVE-2025-0477 , CVE-2025-0497, CVE-2025-0498

Known Exploited Vulnerability (KEV):

Corrected:

Yes

Workaround:

Yes

More Details Less Details

Critical

SD1715 | Path Traversal and Third-party Vulnerability in DataMosaix™ Private Cloud

Published Date:

January 28, 2025

Last Updated:

January 28, 2025

CVSS Scores (v3.1):

5.5, 9.8

CVSS Scores (v4.0):

7.0, 9.3

CVE IDs:

CVE-2025-0659, CVE-2020-11656

Known Exploited Vulnerability (KEV):

Corrected:

Yes

Workaround:

More Details Less Details

High

SD1718 | 5380/5580 Denial-of-Service Vulnerability

Published Date:

January 28, 2025

Last Updated:

January 30, 2025

CVSS Scores (v3.1):

6.5

CVSS Scores (v4.0):

7.1

CVE IDs:

CVE-2025-24478

Known Exploited Vulnerability (KEV):

Corrected:

Yes

Workaround:

Yes

More Details Less Details

High

SD1720 | FactoryTalk® View Site Edition Multiple Vulnerabilities

Published Date:

January 28, 2025

Last Updated:

January 28, 2025

CVSS Scores (v3.1):

7.3

CVSS Scores (v4.0):

7.0

CVE IDs:

CVE-2025-24481, CVE-2025-24482

Known Exploited Vulnerability (KEV):

Corrected:

Yes

Workaround:

Yes

More Details Less Details

Critical

SD1719 | FactoryTalk® View Machine Edition Multiple Vulnerabilities

Published Date:

January 28, 2025

Last Updated:

February 05, 2025

CVSS Scores (v3.1):

8.4, 9.8

CVSS Scores (v4.0):

8.6, 9.3

CVE IDs:

CVE-2025-24479, CVE-2025-24480

Known Exploited Vulnerability (KEV):

Corrected:

Yes

Workaround:

Yes

More Details Less Details

High

SD1717 | PowerFlex® 755 Credential Exposure Vulnerability

Published Date:

January 28, 2025

Last Updated:

January 28, 2025

CVSS Scores (v3.1):

7.5

CVSS Scores (v4.0):

8.7

CVE IDs:

CVE-2025-0631

Known Exploited Vulnerability (KEV):

Corrected:

Yes

Workaround:

More Details Less Details

High

SD1716 | KEPServer Denial-of-Service Vulnerability Found During Pwn2Own Competition

Published Date:

January 28, 2025

Last Updated:

January 28, 2025

CVSS Scores (v3.1):

7.5

CVE IDs:

CVE-2023-3825

Known Exploited Vulnerability (KEV):

Corrected:

Yes

Workaround:

More Details Less Details

Critical

SD1714 | PowerMonitor™ 1000 Remote Code Execution and denial-of-service Vulnerabilities via HTTP protocol

Published Date:

December 17, 2024

Last Updated:

December 17, 2024

CVSS Scores (v3.1):

9.8, 9.8, 9.8

CVSS Scores (v4.0):

9.3, 9.3, 9.3

CVE IDs:

CVE-2024-12371 , CVE-2024-12372 , CVE-2024-12373

Known Exploited Vulnerability (KEV):

Corrected:

Yes

Workaround:

More Details Less Details

High

SD1713 | Multiple Code Execution Vulnerabilities in Arena®

Published Date:

December 04, 2024

Last Updated:

December 19, 2024

CVSS Scores (v3.1):

7.8

CVSS Scores (v4.0):

8.5

CVE IDs:

CVE-2024-11155 , CVE-2024-11156 , CVE-2024-11158 , CVE-2024 -12130 , CVE-2024-11157, CVE-2024-12672, CVE-2024-11364, CVE-2024-12175

Known Exploited Vulnerability (KEV):

Corrected:

Yes

Workaround:

Yes

More Details Less Details

High

SD1712 | Third Party Remote Code Execution Vulnerability in Verve Reporting

Published Date:

November 14, 2024

Last Updated:

November 14, 2024

CVSS Scores (v3.1):

7.2

CVSS Scores (v4.0):

8.6

CVE IDs:

CVE-2024-37287

Known Exploited Vulnerability (KEV):

Corrected:

Yes

Workaround:

Yes

More Details Less Details

High

SD1711 | Input Validation Vulnerability exists in Arena® Input Analyzer

Published Date:

November 14, 2024

Last Updated:

November 13, 2024

CVSS Scores (v3.1):

7.3

CVSS Scores (v4.0):

7.0

CVE IDs:

CVE-2024-6068

Revision Number:

1.0

Known Exploited Vulnerability (KEV):

Corrected:

Yes

Workaround:

More Details Less Details

Critical

SD1710 | FactoryTalk® Updater Multiple Vulnerabilities

Published Date:

November 12, 2024

Last Updated:

November 12, 2024

CVSS Scores (v3.1):

9.1, 8.4, 7.3

CVSS Scores (v4.0):

9.1, 7.1, 7.0

CVE IDs:

CVE-2024-10943, CVE-2024-10944, CVE-2024-10945

Known Exploited Vulnerability (KEV):

Corrected:

Yes

Workaround:

Yes

More Details Less Details

High

SD1709 | FactoryTalk View ME Remote Code Execution Vulnerability via Project Save Path

Published Date:

November 12, 2024

Last Updated:

November 12, 2024

CVSS Scores (v3.1):

7.3

CVSS Scores (v4.0):

7.0

CVE IDs:

CVE-2024-37365

Known Exploited Vulnerability (KEV):

Corrected:

Yes

Workaround:

Yes

More Details Less Details

Critical

SD1708 | ThinManager® Multiple Vulnerabilities

Published Date:

October 25, 2024

Last Updated:

October 25, 2024

CVSS Scores (v3.1):

9.8, 7.5

CVSS Scores (v4.0):

9.3, 8.7

CVE IDs:

CVE-2024-10386, CVE-2024-10387

Revision Number:

Known Exploited Vulnerability (KEV):

Corrected:

Yes

Workaround:

Yes

More Details Less Details

High

SD1707 | ControlLogix Vulnerable to Denial of Service via CIP Messages

Published Date:

October 10, 2024

Last Updated:

October 10, 2024

CVSS Scores (v3.1):

7.5

CVSS Scores (v4.0):

8.7

CVE IDs:

CVE-2024-6207

Revision Number:

1.0

Known Exploited Vulnerability (KEV):

Corrected:

Yes

Workaround:

More Details Less Details

High

SD1705 | PowerFlex 6000T CIP Security denial-of-service Vulnerability

Published Date:

October 07, 2024

Last Updated:

October 07, 2024

CVSS Scores (v3.1):

7.5

CVSS Scores (v4.0):

8.2

CVE IDs:

CVE-2024-9124

Known Exploited Vulnerability (KEV):

Corrected:

Yes

Workaround:

More Details Less Details

High

SD1706 | Logix Controllers Vulnerable to Denial-of-Service Vulnerability

Published Date:

October 07, 2024

Last Updated:

October 10, 2024

CVSS Scores (v3.1):

7.5

CVSS Scores (v4.0):

8.7

CVE IDs:

CVE-2024-8626

Revision Number:

Known Exploited Vulnerability (KEV):

Corrected:

Yes

Workaround:

More Details Less Details

Medium

SD1704 | Improper Authorization Vulnerability in Verve® Asset Manager

Published Date:

October 04, 2024

Last Updated:

October 04, 2024

CVSS Scores (v3.1):

6.8

CVSS Scores (v4.0):

8.4

CVE IDs:

CVE-2024-9412

Known Exploited Vulnerability (KEV):

Corrected:

Yes

Workaround:

More Details Less Details

Critical

SD1703 | DataMosaix™ Private Cloud third-party Vulnerabilities

Published Date:

October 04, 2024

Last Updated:

October 04, 2024

CVSS Scores (v3.1):

7.5, 8.1, 7.8, 7.5, 9.8, 7.5

CVSS Scores (v4.0):

9.3, 8.7, 9.3, 8.7

CVE IDs:

CVE-2019-14855, CVE-2019-17543, CVE-2019-18276, CVE-2019-19244, CVE-2019-989, CVE-2019-9923

Known Exploited Vulnerability (KEV):

Corrected:

Yes

Workaround:

More Details Less Details

High

SD1702 | Sensitive Data Exposure and Escalating Privileges Vulnerabilities in DataMosaix™ Private Cloud

Published Date:

October 04, 2024

Last Updated:

October 04, 2024

CVSS Scores (v3.1):

7.5, 8.8, 8.1

CVSS Scores (v4.0):

7.5, 8.7, 7.6

CVE IDs:

CVE-2024-7952, CVE-2024-7953, CVE-2024-7956

Known Exploited Vulnerability (KEV):

Corrected:

Yes

Workaround:

More Details Less Details

High

SD1701 | RSLogix™ 5 and RSLogix 500® Remote Code Execution Via VBA Embedded Script

Published Date:

September 16, 2024

Last Updated:

October 14, 2024

CVSS Scores (v3.1):

7.7

CVSS Scores (v4.0):

8.8

CVE IDs:

CVE-2024-7847

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

Yes

More Details Less Details

High

SD1699 | 5015-U8IHFT Denial-of-Service Vulnerability via CIP Message

Published Date:

September 12, 2024

Last Updated:

November 11, 2024

CVSS Scores (v3.1):

7.5

CVSS Scores (v4.0):

8.7

CVE IDs:

CVE-2024-45825

Known Exploited Vulnerability (KEV):

Corrected:

Yes

Workaround:

More Details Less Details

Critical

SD1698 | FactoryTalk® Batch View™ Authentication Bypass Vulnerability via shared secrets

Published Date:

September 12, 2024

Last Updated:

November 11, 2024

CVSS Scores (v3.1):

8.1

CVSS Scores (v4.0):

9.2

CVE IDs:

CVE-2024-45823

Known Exploited Vulnerability (KEV):

Corrected:

Yes

Workaround:

More Details Less Details

High

SD1700 | ThinManager® Code Execution Vulnerability

Published Date:

September 12, 2024

Last Updated:

November 11, 2024

CVSS Scores (v3.1):

6.8

CVSS Scores (v4.0):

8.5

CVE IDs:

CVE-2024-45826

Known Exploited Vulnerability (KEV):

Corrected:

Yes

Workaround:

More Details Less Details

High

SD1697 | AADvance® Trusted® SIS Workstation contains multiple 7-ZIP Vulnerabilities

Published Date:

September 12, 2024

Last Updated:

November 11, 2024

CVSS Scores (v3.1):

7.8

CVE IDs:

CVE-2023-31102, CVE-2023-40481

Known Exploited Vulnerability (KEV):

Corrected:

Yes

Workaround:

More Details Less Details

Critical

SD1696 | FactoryTalk® View Site Edition Remote Code Execution Vulnerability via Lack of Input Validation

Published Date:

September 12, 2024

Last Updated:

November 13, 2024

CVSS Scores (v3.1):

9.8

CVSS Scores (v4.0):

9.2

CVE IDs:

CVE-2024-45824

Known Exploited Vulnerability (KEV):

Corrected:

Yes

Workaround:

More Details Less Details

High

SD1695 | Incorrect Privileges and Path Traversal Vulnerability in Pavilion8®

Published Date:

September 11, 2024

Last Updated:

October 16, 2024

CVSS Scores (v3.1):

7.6, 7.2

CVSS Scores (v4.0):

8.8, 8.6

CVE IDs:

CVE-2024-7960 , CVE-2024-7961

Known Exploited Vulnerability (KEV):

Corrected:

Yes

Workaround:

More Details Less Details

High

SD1694 | OptixPanel™ Privilege Escalation Vulnerability via File Permissions

Published Date:

September 10, 2024

Last Updated:

November 13, 2024

CVSS Scores (v3.1):

7.5

CVSS Scores (v4.0):

7.7

CVE IDs:

CVE-2024-8533

Known Exploited Vulnerability (KEV):

Corrected:

Yes

Workaround:

More Details Less Details

High

SD1693 | ControlLogix/GuardLogix 5580 and CompactLogix/Compact GuardLogix® 5380 Vulnerable to DoS vulnerability via CIP

Published Date:

September 10, 2024

Last Updated:

November 13, 2024

CVSS Scores (v3.1):

7.5

CVSS Scores (v4.0):

8.7

CVE IDs:

CVE-2024-6077

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

Critical

SD1692 | ThinManager® ThinServer™ Information Disclosure and Remote Code Execution Vulnerabilities

Published Date:

August 21, 2024

Last Updated:

November 19, 2024

CVSS Scores (v3.1):

5.5, 7.8, 9.8

CVSS Scores (v4.0):

6.8, 8.5, 9.3

CVE IDs:

CVE-2024-7986, CVE 2024-7987, CVE 2024 -7988

Known Exploited Vulnerability (KEV):

Corrected:

Yes

Workaround:

More Details Less Details

High

SD1691 | Pavilion8® Unencrypted Data Vulnerability via HTTP protocol

Published Date:

August 13, 2024

Last Updated:

November 13, 2024

CVSS Scores (v3.1):

7.4

CVSS Scores (v4.0):

5.3

CVE IDs:

CVE-2024-40620

Known Exploited Vulnerability (KEV):

Corrected:

Yes

Workaround:

More Details Less Details

High

SD1690 | GuardLogix/ControlLogix 5580 Controller denial-of-service Vulnerability via Malformed Packet Handling

Published Date:

August 13, 2024

Last Updated:

September 13, 2024

CVSS Scores (v3.1):

7.5

CVSS Scores (v4.0):

8.7

CVE IDs:

CVE-2024-40619

Known Exploited Vulnerability (KEV):

Corrected:

Yes

Workaround:

More Details Less Details

High

SD1689 | AADvance® Standalone OPC-DA Server Code Execution Vulnerability via Vulnerable Component

Published Date:

August 13, 2024

Last Updated:

November 19, 2024

CVSS Scores (v3.1):

7.5, 5.3

CVE IDs:

CVE-2018-1285, CVE-2006-0743

Known Exploited Vulnerability (KEV):

Corrected:

Yes

Workaround:

More Details Less Details

High

SD1688 | FactoryTalk® View Site Edition Code Execution Vulnerability via File Permissions

Published Date:

August 13, 2024

Last Updated:

November 19, 2024

CVSS Scores (v3.1):

8.8

CVSS Scores (v4.0):

8.5

CVE IDs:

CVE-2024-7513

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

Yes

More Details Less Details

High

SD1687 | Authentication Bypass Vulnerability in DataMosaix™

Published Date:

August 13, 2024

Last Updated:

November 20, 2024

CVSS Scores (v3.1):

9.1

CVSS Scores (v4.0):

8.6

CVE IDs:

CVE-2024-6078

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

High

SD1685 | ControlLogix/GuardLogix 5580 and CompactLogix/Compact GuardLogix® 5380 Controller Denial-of-Service Vulnerability via Input Validation

Published Date:

August 13, 2024

Last Updated:

November 19, 2024

CVSS Scores (v3.1):

7.5

CVSS Scores (v4.0):

8.7

CVE IDs:

CVE-2024-7507

Known Exploited Vulnerability (KEV):

Corrected:

Yes

Workaround:

Yes

More Details Less Details

Medium

SD1684 | Micro850/870 Vulnerable to denial-of-service Vulnerability via CIP/Modbus Port

Published Date:

August 12, 2024

Last Updated:

October 16, 2024

CVSS Scores (v3.1):

5.3

CVSS Scores (v4.0):

6.9

CVE IDs:

CVE 2024 7567

Known Exploited Vulnerability (KEV):

Corrected:

Yes

Workaround:

More Details Less Details

Medium

SD1683 | DLL Hijacking Vulnerability Exists in Emulate3D™

Published Date:

August 12, 2024

Last Updated:

November 19, 2024

CVSS Scores (v3.1):

6.7

CVSS Scores (v4.0):

5.4

CVE IDs:

CVE-2024-6079

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

High

SD1682 | Chassis Restrictions Bypass Vulnerability in Select Logix Devices

Published Date:

July 31, 2024

Last Updated:

October 16, 2024

CVSS Scores (v3.1):

8.4

CVSS Scores (v4.0):

7.3

CVE IDs:

CVE-2024-6242

Known Exploited Vulnerability (KEV):

Corrected:

Yes

Workaround:

Yes

More Details Less Details

High

SD1681 | Privilege Escalation Vulnerability in Pavilion8®

Published Date:

July 16, 2024

Last Updated:

November 20, 2024

CVSS Scores (v3.1):

8.8

CVSS Scores (v4.0):

8.7

CVE IDs:

CVE-2024-6435

Known Exploited Vulnerability (KEV):

Corrected:

Yes

Workaround:

More Details Less Details

High

SD1680 | Major nonrecoverable fault in 5015 – AENFTXT

Published Date:

July 10, 2024

Last Updated:

November 20, 2024

CVSS Scores (v3.1):

7.5

CVSS Scores (v4.0):

8.7

Known Exploited Vulnerability (KEV):

Corrected:

Yes

Workaround:

More Details Less Details

High

SD1679 | Input Validation Vulnerability exists in the SequenceManager™ Server

Published Date:

July 10, 2024

Last Updated:

September 27, 2024

CVSS Scores (v3.1):

7.5

CVSS Scores (v4.0):

8.7

CVE IDs:

CVE-2024-6436

Known Exploited Vulnerability (KEV):

Corrected:

Yes

Workaround:

More Details Less Details

Medium

SD1678 | Unsecured Private Keys in FactoryTalk® System Services

Published Date:

July 02, 2024

Last Updated:

December 01, 2024

CVSS Scores (v3.1):

6.5, 5.9

CVSS Scores (v4.0):

6.0, 1.8

CVE IDs:

CVE-2024-6325 , CVE-2024-6236

Known Exploited Vulnerability (KEV):

Corrected:

Yes

Workaround:

More Details Less Details

Critical

SD1677 | ThinManager® ThinServer™ Improper Input Validation Vulnerabilities

Published Date:

June 20, 2024

Last Updated:

October 16, 2024

CVSS Scores (v3.1):

9.8, 7.5

CVSS Scores (v4.0):

9.3, 8.7

CVE IDs:

CVE-2024-5988 , CVE-2024-5989, CVE-2024-5990

Known Exploited Vulnerability (KEV):

Corrected:

Yes

Workaround:

Yes

More Details Less Details

Critical

SD1676 | FactoryTalk® View SE v11 Information Leakage Vulnerability via Authentication Restriction

Published Date:

June 12, 2024

Last Updated:

December 01, 2024

CVSS Scores (v3.1):

9.8

CVSS Scores (v4.0):

9.2

CVE IDs:

CVE-2024-37368

Known Exploited Vulnerability (KEV):

Corrected:

Yes

Workaround:

More Details Less Details

High

SD1675 | FactoryTalk® View SE v12 Information Leakage Vulnerability via Authentication Restriction

Published Date:

June 12, 2024

Last Updated:

December 01, 2024

CVSS Scores (v3.1):

9.8

CVSS Scores (v4.0):

9.2

CVE IDs:

CVE-2024-37367

Known Exploited Vulnerability (KEV):

Corrected:

Yes

Workaround:

More Details Less Details

High

SD1674 | FactoryTalk® View SE Local Privilege Escalation Vulnerability via Local File Permissions

Published Date:

June 12, 2024

Last Updated:

December 01, 2024

CVSS Scores (v3.1):

7.8

CVSS Scores (v4.0):

8.5

CVE IDs:

CVE-2024-37369

Known Exploited Vulnerability (KEV):

Corrected:

Yes

Workaround:

More Details Less Details

High

SD1673 | Multicast Request Causes major nonrecoverable fault on Select Controllers

Published Date:

June 12, 2024

Last Updated:

December 01, 2024

CVSS Scores (v3.1):

7.4

CVSS Scores (v4.0):

8.3

CVE IDs:

CVE 2024-5659

Known Exploited Vulnerability (KEV):

Corrected:

Yes

Workaround:

Yes

More Details Less Details

SD1672 | IMPORTANT NOTICE: Rockwell Automation Reiterates Customer Guidance to Disconnect Devices from the Internet to Protect from Cyber Threats

Published Date:

May 21, 2024

Last Updated:

December 03, 2024

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

High

SD1671 | FactoryTalk® Remote Access™ has Unquoted Executables

Published Date:

May 07, 2024

Last Updated:

December 04, 2024

CVSS Scores (v3.1):

7.7

CVSS Scores (v4.0):

7.0

CVE IDs:

CVE-2024-3640

Known Exploited Vulnerability (KEV):

Corrected:

Yes

Workaround:

More Details Less Details

High

SD1670 | Datalog Function within in FactoryTalk® View SE contains SQL Injection Vulnerability

Published Date:

May 07, 2024

Last Updated:

December 03, 2024

CVSS Scores (v3.1):

7.6

CVSS Scores (v4.0):

8.8

CVE IDs:

CVE-2024-4609

Known Exploited Vulnerability (KEV):

Corrected:

Yes

Workaround:

More Details Less Details

High

SD1669 | FactoryTalk® Historian SE vulnerable to AVEVA-2024-001 and AVEVA-2024-002

Published Date:

May 06, 2024

Last Updated:

November 19, 2024

CVSS Scores (v3.1):

7.5

CVSS Scores (v4.0):

7.7

CVE IDs:

CVE-2023-31274, CVE-2023-34348

Known Exploited Vulnerability (KEV):

Corrected:

Yes

Workaround:

More Details Less Details

Critical

SD1668 | FactoryTalk® Production Centre Vulnerable to Apache ActiveMQ Vulnerability

Published Date:

April 18, 2024

Last Updated:

December 03, 2024

CVSS Scores (v3.1):

9.8

CVE IDs:

CVE-2023-4664

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

SD1667 | Input/output Device Vulnerable to Major Nonrecoverable Fault

Published Date:

April 11, 2024

Last Updated:

December 04, 2024

CVSS Scores (v3.1):

7.5

CVSS Scores (v4.0):

8.7

CVE IDs:

CVE-2024-2424

Known Exploited Vulnerability (KEV):

Corrected:

Yes

Workaround:

More Details Less Details

Critical

SD1666 | ControlLogix® and GuardLogix® Vulnerable to major nonrecoverable fault due to Invalid Header Value

Published Date:

April 11, 2024

Last Updated:

December 04, 2024

CVSS Scores (v3.1):

8.6

CVSS Scores (v4.0):

9.2

CVE IDs:

CVE-2024-3493

Known Exploited Vulnerability (KEV):

Corrected:

Yes

Workaround:

More Details Less Details

High

SD1665 | Arena® Simulation Vulnerabilities

Published Date:

March 26, 2024

Last Updated:

October 16, 2024

CVSS Scores (v3.1):

7.8, 4.4

CVE IDs:

CVE-2024-21912, CVE-2024-21913, CVE-2024-2929, CVE-2024-21918, CVE-2024-21919, CVE-2024-21920

Known Exploited Vulnerability (KEV):

Corrected:

Yes

Workaround:

More Details Less Details

High

SD1664 | Denial-of-service and Input Validation Vulnerabilities in PowerFlex® 527

Published Date:

March 21, 2024

Last Updated:

December 04, 2024

CVSS Scores:

7.5, 8.7

CVE IDs:

CVE-2024-2425, CVE-2024-2426, CVE-2024-2427

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

Yes

More Details Less Details

Medium

SD1663 | FactoryTalk® View ME on PanelView™ Plus 7 Boot Terminal lack Security Protections

Published Date:

March 21, 2024

Last Updated:

December 03, 2024

CVSS Scores (v3.1):

5.3

CVSS Scores (v4.0):

6.9

CVE IDs:

CVE-2024-21914

Known Exploited Vulnerability (KEV):

Corrected:

Yes

Workaround:

More Details Less Details

Critical

SD1662 | FactoryTalk® Service Platform Elevated Privileges Vulnerability Through Web Service Functionality

Published Date:

February 14, 2024

Last Updated:

December 04, 2024

CVSS Scores (v3.1):

9.0

CVE IDs:

CVE-2024-21915

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

High

SD1661 | Denial-of-service Vulnerability in ControlLogix® and GuardLogix® Controllers

Published Date:

January 30, 2024

Last Updated:

November 20, 2024

CVSS Scores (v3.1):

8.6

CVE IDs:

CVE-2024 21916

Known Exploited Vulnerability (KEV):

Corrected:

Yes

Workaround:

More Details Less Details

Critical

SD1660 | FactoryTalk® Service Platform Service Token Vulnerability

Published Date:

January 30, 2024

Last Updated:

December 04, 2024

CVSS Scores (v3.1):

9.8

CVE IDs:

CVE - 2024 21917

Known Exploited Vulnerability (KEV):

Corrected:

Yes

Workaround:

More Details Less Details

High

SD1659 | LP30/40/50 and BM40 Operator Interface Vulnerable to CODESYS Vulnerabilities

Published Date:

January 24, 2024

Last Updated:

December 01, 2024

CVSS Scores (v3.1):

6.5, 8.8

CVE IDs:

CVE-2022-47378, CVE-2022-47379, CVE-2022-47380, CVE-2022-47381 , CVE-2022-47382, CVE-2022-47383, CVE-2022-47384, CVE-2022-47386, CVE-2022-47387, CVE-2022-47388, CVE-2022-47389, CVE-2022-47390, CVE-2022-47385 , CVE-2022-47392 , CVE-2022-47393

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

High

SD1658 | SD1658 | SIS Workstation and ISaGRAF Workbench Code Execution and Privilege Escalation TEST

Published Date:

November 15, 2023

Last Updated:

November 15, 2023

CVSS Scores:

7.8

CVE IDs:

CVE-2015-9268

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

Critical

SD1657 | FactoryTalk® Activation Contains Wibu CodeMeter Vulnerabilities

Published Date:

November 15, 2023

Last Updated:

November 19, 2024

CVSS Scores (v3.1):

7.9, 9.8

CVE IDs:

CVE-2023-38545, CVE-2023-3935

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

High

PN1656 | FactoryTalk® View Site Edition Vulnerable to Improper Input Validation

Published Date:

October 31, 2023

Last Updated:

December 10, 2024

CVSS Scores (v3.1):

7.5

CVE IDs:

CVE-2023-46289

Known Exploited Vulnerability (KEV):

Corrected:

Yes

Workaround:

More Details Less Details

High

PN1655 | FactoryTalk® Services Platform Elevated Privileges Vulnerability

Published Date:

October 31, 2023

Last Updated:

December 10, 2024

CVSS Scores (v3.1):

8.1

CVE IDs:

CVE-2023-46290

Known Exploited Vulnerability (KEV):

Corrected:

Yes

Workaround:

More Details Less Details

High

PN1654 | Arena® Simulation Buffer Overflow Vulnerabilities

Published Date:

October 31, 2023

Last Updated:

December 10, 2024

CVSS Scores (v3.1):

7.8

CVE IDs:

CVE-2023-27854, CVE-2023-27858

Known Exploited Vulnerability (KEV):

Corrected:

Yes

Workaround:

More Details Less Details

Critical

PN1653 | Stratix® 5800 and 5200 vulnerable to Cisco IOS XE Web UI Privilege Escalation (Active Exploit)

Published Date:

October 18, 2023

Last Updated:

December 10, 2024

CVSS Scores (v3.1):

7.2, 10

CVE IDs:

CVE-2023-20198

Known Exploited Vulnerability (KEV):

Yes

Corrected:

Yes

Workaround:

More Details Less Details

High

PN1652 | PN1652 | FactoryTalk® Linx Vulnerable to Denial-of-Service and Information Disclosure

Published Date:

October 17, 2023

Last Updated:

October 17, 2023

CVSS Scores:

8.2

CVE IDs:

CVE-2023-29464

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

Critical

PN1649 | PN1649 | Select Logix Communication Modules Vulnerable to Email Object Buffer Overflow

Published Date:

October 09, 2023

Last Updated:

October 09, 2023

CVSS Scores:

9.8

CVE IDs:

CVE-2023-2262

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

Critical

PN1648 | PN1648 | Connected Components Workbench™ Vulnerable to CefSharp Vulnerabilities

Published Date:

October 05, 2023

Last Updated:

October 05, 2023

CVSS Scores:

9.6, 8.8, 8.8, 8.8, 6.5

CVE IDs:

CVE-2020-16017, CVE-2022-0609, CVE-2020-16009, CVE-2020-16013, CVE-2020-15999

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

Critical

PN1647 | PN1647 | PanelView™ 800 Vulnerable to CVE-2017-12652

Published Date:

October 05, 2023

Last Updated:

October 05, 2023

CVSS Scores:

9.8

CVE IDs:

CVE-2017-12652

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

Medium

PN1646 | PN1646 | KEPServer Enterprise Vulnerable to Multiple Vulnerabilities

Published Date:

October 05, 2023

Last Updated:

October 05, 2023

CVSS Scores:

6.3, 6.3, 4.7, 5.7

CVE IDs:

CVE 2023-29444, CVE 2023-29445, CVE 2023-29446, CVE 2023-29447

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

Critical

PN1645 | PN1645 | FactoryTalk View Machine Edition Vulnerable to Remote Code Execution

Published Date:

October 05, 2023

Last Updated:

October 05, 2023

CVSS Scores:

9.8

CVE IDs:

CVE-2023-2071

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

High

PN1642 | PN1642 | Pavilion8® Security Misconfiguration Vulnerability

Published Date:

October 05, 2023

Last Updated:

October 05, 2023

CVSS Scores:

8.8

CVE IDs:

CVE-2023-29463

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

High

PN1639 | PN1639 | Select Distributed I/O Communication Modules vulnerable to a Denial-of-Service Vulnerability

Published Date:

August 23, 2023

Last Updated:

August 23, 2023

CVSS Scores:

8.6

CVE IDs:

CVE-2022-1737

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

Critical

PN1638 | PN1638 | ThinManager® ThinServer™ Input Validation Vulnerabilities

Published Date:

August 17, 2023

Last Updated:

August 17, 2023

CVSS Scores:

7.5, 9.8

CVE IDs:

CVE-2023-2917, CVE-2023-2914, CVE-2023-2915

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

High

PN1637 | PN1637 | Armor ™ PowerFlex ® Critical Fault Vulnerability

Published Date:

August 08, 2023

Last Updated:

August 08, 2023

CVSS Scores:

8.6

CVE IDs:

CVE-2023-2423

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

High

PN1635 | PN1635 | ThinManager® ThinServer™ Path Traversal Vulnerability

Published Date:

July 18, 2023

Last Updated:

July 18, 2023

CVSS Scores:

7.5

CVE IDs:

CVE-2023-2913

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

High

PN1634 | PN1634 | Kinetix® 5700 DC Bus Power Supply Series A – CIP Message Attack Could Cause Denial-Of-Service

Published Date:

July 18, 2023

Last Updated:

July 18, 2023

CVSS Scores:

7.5

CVE IDs:

CVE-2023-2263

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

High

PN1633 | PN1633 | Remote Code Execution and Denial-of-Service Vulnerabilities in Select Communication Modules

Published Date:

July 12, 2023

Last Updated:

July 12, 2023

CVSS Scores:

7.5

CVE IDs:

CVE-2023-3596, CVE-2023-3595

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

High

PN1631 | PN1631 | PowerMonitor™ 1000 – Cross-Site Scripting Vulnerability

Published Date:

July 11, 2023

Last Updated:

July 11, 2023

CVSS Scores:

8.8

CVE IDs:

CVE-2023-2072

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

Critical

PN1630 | PN1630 | Enhanced HIM Vulnerable to Cross Site Request Forgery Attack

Published Date:

July 11, 2023

Last Updated:

July 11, 2023

CVSS Scores:

9.6

CVE IDs:

CVE-2023-2746

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

High

PN1629 | PN1629 | Denial-of-Service Vulnerability in FactoryTalk® Transaction Manager

Published Date:

June 13, 2023

Last Updated:

June 13, 2023

CVSS Scores:

7.5

CVE IDs:

CVE-2023-2778

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

High

PN1628 | PN1628 | Apache Portable Runtime Vulnerability in FactoryTalk® Edge Gateway

Published Date:

June 13, 2023

Last Updated:

June 13, 2023

CVSS Scores:

7.1

CVE IDs:

CVE-2021-35940, CVE-2017-12613

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

High

PN1627 | PN1627 | FactoryTalk® System Services affecting FactoryTalk® Policy Manager – Multiple Vulnerabilities

Published Date:

June 13, 2023

Last Updated:

June 13, 2023

CVSS Scores:

4.1, 5.9, 7.3

CVE IDs:

CVE-2023-2639, CVE-2023-2637, CVE-2023-2638

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

High

PN1625 | PN1625 | Inadequate Encryption Vulnerability in ThinManager®

Published Date:

May 12, 2023

Last Updated:

May 12, 2023

CVSS Scores:

7.5

CVE IDs:

CVE-2023-2443

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

High

PN1626 | PN1626 | Cross Site Request Forgery in FactoryTalk® Vantagepoint®

Published Date:

May 11, 2023

Last Updated:

May 11, 2023

CVSS Scores:

7.1

CVE IDs:

CVE-2023-2444

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

Critical

PN1624 | Open Ports Vulnerability in Kinetix 5500 EtherNet/IP Servo Drive

Published Date:

May 11, 2023

Last Updated:

October 16, 2024

CVSS Scores (v3.1):

9.4

CVE IDs:

CVE-2023-1834

Known Exploited Vulnerability (KEV):

Corrected:

Yes

Workaround:

More Details Less Details

Critical

PN1623 | PN1623 | PanelView™ 800 – Remote Code Execution Vulnerabilities

Published Date:

May 11, 2023

Last Updated:

May 11, 2023

CVSS Scores:

9.8

CVE IDs:

CVE-2019-16748, CVE-2020-36177

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

High

PN1622 | PN1622 | ArmorStart® ST 281E, 284EE Vulnerable to Multiple XSS Vulnerabilities

Published Date:

May 11, 2023

Last Updated:

May 11, 2023

CVSS Scores:

4.7, 7.0, 5.5

CVE IDs:

CVE-2023-29030, CVE-2023-29022, CVE-2023-29028, CVE-2023-29027, CVE-2023-29023, CVE-2023-29026, CVE-2023-29029, CVE-2023-29031, CVE-2023-29024, CVE-2023-29025

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

High

PN1621 | PN1621 | Arena® Simulation – Multiple Vulnerabilities

Published Date:

May 09, 2023

Last Updated:

May 09, 2023

CVSS Scores:

7.8

CVE IDs:

CVE-2023-29460, CVE-2023-29462, CVE-2023-29461

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

Critical

PN1410 | PN1410 | FactoryTalk® Diagnostics Vulnerable to Remote Code Execution

Published Date:

April 10, 2023

Last Updated:

April 10, 2023

CVSS Scores:

9.8

CVE IDs:

CVE-2020-6967

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

Critical

PN1618 | PN1618 | ThinManager Software Path Traversal and Denial-Of-Service Attack

Published Date:

March 21, 2023

Last Updated:

March 21, 2023

CVSS Scores:

7.5, 9.8

CVE IDs:

CVE-2023-27855, CVE-2023-27857, CVE-2023-27856, CVE-2023-28757

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

Medium

PN1619 | Modbus TCP AOI Server Could Leak Sensitive Information

Published Date:

March 16, 2023

Last Updated:

October 16, 2024

CVSS Scores (v3.1):

5.3

CVE IDs:

CVE-2023-0027

Known Exploited Vulnerability (KEV):

Corrected:

Yes

Workaround:

More Details Less Details

Medium

PN1554 | PN1554 | CompactLogix 5370 and ControlLogix 5570 Controllers Vulnerable to Denial of Service Conditions due to Improper Input Validation

Published Date:

February 07, 2023

Last Updated:

February 07, 2023

CVSS Scores:

5.8

CVE IDs:

CVE-2020-6998

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

Critical

PN1616 | PN1616 | CVE-2019-5096 and CVE 2019-5097 Vulnerabilities Impact Multiple Products

Published Date:

January 27, 2023

Last Updated:

January 27, 2023

CVSS Scores:

7.5, 9.8

CVE IDs:

CVE-2019-5097, CVE-2019-5096

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

High

PN1613 | PN1613 | Product Notice 1613: Logix Controllers Vulnerable to a Denial-of-Service Vulnerability

Published Date:

January 25, 2023

Last Updated:

January 25, 2023

CVSS Scores:

8.6

CVE IDs:

CVE-2022-3157

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

High

PN1614 | PN1614 | Studio 5000 Logix Emulate Vulnerable to a SMB Insecurely Configuration Vulnerability

Published Date:

December 22, 2022

Last Updated:

December 22, 2022

CVSS Scores:

7.8

CVE IDs:

CVE-2022-3156

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

High

PN1612 | MicroLogix 1100 and 1400 Web Server Application Vulnerable to Cross Site Scripting Attack

Published Date:

December 13, 2022

Last Updated:

October 16, 2024

CVSS Scores (v3.1):

8.2

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

Yes

More Details Less Details

High

PN1611 | MicroLogix 1100 and 1400 Product Web Server Application Vulnerable to Denial-Of-Service Condition Attack

Published Date:

December 13, 2022

Last Updated:

October 16, 2024

CVSS Scores (v3.1):

7.5

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

Yes

More Details Less Details

High

PN1609 | Logix Controllers Vulnerable to Denial-of-Service Attack

Published Date:

December 06, 2022

Last Updated:

October 16, 2024

CVSS Scores (v3.1):

8.6

CVE IDs:

CVE-2022-3752

Known Exploited Vulnerability (KEV):

Corrected:

Yes

Workaround:

More Details Less Details

Medium

PN1608 | FactoryTalk Live Data Communication Module Vulnerable to Man-In-The-Middle Attack

Published Date:

December 01, 2022

Last Updated:

October 16, 2024

CVSS Scores (v3.1):

5.9

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

Yes

More Details Less Details

Critical

PN1576 | PN1576 | FactoryTalk® Activation Manager and Studio 5000 Logix Designer® contain Wibu Codemeter vulnerabilities.

Published Date:

November 17, 2022

Last Updated:

November 17, 2022

CVSS Scores:

7.5, 9.1

CVE IDs:

CVE-2021-20094, CVE-2021-20093, CVE-2021-41057

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

Critical

PN1508 | Treck Ripple20 TCP/IP Vulnerabilities Affect Multiple Rockwell Automation Products

Published Date:

November 01, 2022

Last Updated:

November 20, 2024

CVSS Scores (v3.1):

9.8, 9.1, 5.0, 3.7, 3.1

CVE IDs:

CVE-2020-11914, CVE-2020-11910, CVE-2020-11901, CVE-2020-11907, CVE-2020-11911, CVE-2020-11912, CVE-2020-25066, CVE-2020-11906

Known Exploited Vulnerability (KEV):

Corrected:

Yes

Workaround:

Yes

More Details Less Details

PN1607 | PN1607 | New Open SSL Vulnerability

Published Date:

October 31, 2022

Last Updated:

October 31, 2022

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

High

PN1605 | FactoryTalk Alarm and Events Server Vulnerable to Denial-Of-Service Attack

Published Date:

October 27, 2022

Last Updated:

October 16, 2024

CVSS Scores (v3.1):

7.5

CVE IDs:

CVE-2022-38744

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

Yes

More Details Less Details

High

PN1601 | PN1601 | Stratix Products Vulnerable to Multiple Vulnerabilities

Published Date:

October 27, 2022

Last Updated:

October 27, 2022

CVSS Scores:

6.8, 7.2, 8.8, 6.5, 7.7, 8.6, 4.3

CVE IDs:

CVE-2020-3209, CVE-2020-3200, CVE-2021-1385, CVE-2020-3516, CVE-2021-1446

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

Critical

PN1606 | PN1606 | Factory Talk VantagePoint Software Broken Access Control and Input Validation Vulnerability

Published Date:

October 07, 2022

Last Updated:

October 07, 2022

CVSS Scores:

9.9

CVE IDs:

CVE-2022-3158, CVE-2022-38743

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

High

PN1595 | PN1595 | OpenSSL Infinite Loop in Rockwell Automation Products

Published Date:

September 23, 2022

Last Updated:

January 28, 2025

CVSS Scores:

7.5, 4.9

CVE IDs:

CVE-2022-0778

Known Exploited Vulnerability (KEV):

Corrected:

Yes

Workaround:

Yes

More Details Less Details

High

PN1604 | PN1604 | ThinManager Software Vulnerable to Arbitrary Code Execution and Denial-Of-Service Attack

Published Date:

September 22, 2022

Last Updated:

September 22, 2022

CVSS Scores:

8.1

CVE IDs:

CVE-2022-38742

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

Critical

PN1603 | PN1603 | KEPServer Enterprise Vulnerable to Remote Code Execution and Denial-of-Service Attack

Published Date:

September 01, 2022

Last Updated:

September 01, 2022

CVSS Scores:

9.1, 9.8

CVE IDs:

CVE-2022-2825, CVE-2022-2848

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

Medium

PN1598 | PN1598 | CVE 2022-1096 Chromium Type Confusion Vulnerability Impact Multiple Products

Published Date:

August 26, 2022

Last Updated:

August 26, 2022

CVSS Scores:

4.0

CVE IDs:

CVE-2022-1096

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

High

PN1600 | PN1600 | ISaGRAF Workbench Vulnerable to Multiple Phishing-Style Attacks

Published Date:

July 20, 2022

Last Updated:

July 20, 2022

CVSS Scores:

6.1, 7.7, 8.6

CVE IDs:

CVE-2022-2463, CVE-2022-2465, CVE-2022-2464

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

Critical

PN1550 | PN1550 | CVE-2021-22681: Authentication Bypass Vulnerability Found in Logix Controllers

Published Date:

July 20, 2022

Last Updated:

July 20, 2022

CVSS Scores:

10.0

CVE IDs:

CVE-2021-22681

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

Critical

PN1599 | PN1599 | FactoryTalk Analytics DataView Vulnerable to Spring4Shell Vulnerability (CVE 2022-22965)

Published Date:

July 14, 2022

Last Updated:

July 14, 2022

CVSS Scores:

9.8

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

Medium

PN1597 | PN1597 | MicroLogix 1400/1100 Vulnerable to Clickjacking Vulnerability

Published Date:

July 07, 2022

Last Updated:

July 07, 2022

CVSS Scores:

6.5

CVE IDs:

CVE-2022-2179

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

Medium

PN1596 | PN1596 | Logix Controllers Vulnerable to Denial-of-Service Attack

Published Date:

June 17, 2022

Last Updated:

June 17, 2022

CVSS Scores:

6.8

CVE IDs:

CVE-2022-1797

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

PN1594 | PN1594 | APT Cyber Tools Targeting ICS/SCADA Devices (PIPEDREAM/INCONTROLLER)

Published Date:

May 06, 2022

Last Updated:

May 06, 2022

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

High

PN1586 | PN1586 | Logix Designer Application May Allow Unauthorized Controller Code Injection

Published Date:

May 06, 2022

Last Updated:

May 06, 2022

CVSS Scores:

7.7

CVE IDs:

CVE-2022-1159

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

Critical

PN1585 | PN1585 | Logix Controllers May Allow for Unauthorized Code Injection

Published Date:

May 06, 2022

Last Updated:

May 06, 2022

CVSS Scores:

10.0

CVE IDs:

CVE-2021-22681, CVE-2022-1161

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

PN1592 | PN1592 | Vulnerable Third-Party Components in FactoryTalk® ProductionCentre

Published Date:

May 04, 2022

Last Updated:

May 04, 2022

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

High

PN1589 | PN1589 | Multiple Products Vulnerable to Deserialization of Data

Published Date:

April 04, 2022

Last Updated:

April 04, 2022

CVSS Scores:

8.6

CVE IDs:

CVE-2022-1118

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

Critical

PN1579 | Log4Shell Vulnerability Notice

Published Date:

January 21, 2022

Last Updated:

December 01, 2024

CVSS Scores (v3.1):

10, 3.7, 8.1, 9.8

CVE IDs:

CVE-2021-4104, CVE-2021-45046, CVE-2019-17571, CVE-2021-44228

Known Exploited Vulnerability (KEV):

Corrected:

Yes

Workaround:

Yes

More Details Less Details

Critical

PN1567 | PN1567 | ISaGRAF Runtime Affected by Multiple Vulnerabilities

Published Date:

December 30, 2021

Last Updated:

December 30, 2021

CVSS Scores:

9.1, 7.8, 5.3, 7.5, 6.7

CVE IDs:

CVE-2020-25184, CVE-2020-25180, CVE-2020-25176, CVE-2020-25182, CVE-2020-25178

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

Critical

PN1580 | PN1580 | GOAhead Web Server vulnerability in 1783-NATR

Published Date:

December 16, 2021

Last Updated:

December 16, 2021

CVSS Scores:

7.5, 9.8

CVE IDs:

CVE-2019-5097, CVE-2019-5096

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

Critical

PN1494 | VxWorks Vulnerabilities affect Programmable Automation Controllers, EtherNet/IP Communication Modules, I/O Modules, Kinetix 6500 Servo Drive, High-Frequency RFID Interface Block

Published Date:

August 11, 2021

Last Updated:

October 04, 2024

CVSS Scores (v3.1):

9.8, 8.8, 7.5, 8.1, 6.3, 7.1, 5.4

CVE IDs:

CVE-2019-12260, CVE-2019-12265, CVE-2019-12257, CVE-2019-12258, CVE-2019-12256, CVE-2019-12255, CVE-2019-12263, CVE-2019-12262, CVE-2019-12264, CVE-2019-12261, CVE-2019-12259

Known Exploited Vulnerability (KEV):

Corrected:

Yes

Workaround:

Yes

More Details Less Details

High

PN1575 | PN1575 | Interniche Vulnerabilities present in Rockwell Automation Products – “INFRA:HALT”

Published Date:

August 09, 2021

Last Updated:

August 09, 2021

CVSS Scores:

8.2, 4.0

CVE IDs:

CVE-2020-25767, CVE-2020-35684, CVE-2020-35685, CVE-2021-31400, CVE-2021-36762, CVE-2020-25926, CVE-2021-31226, CVE-2021-31401, CVE-2021-31228, CVE-2020-25928, CVE-2020-25927, CVE-2021-31227, CVE-2020-27565, CVE-2020-35683

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

High

PN1571 | PN1571 | MicroLogix 1100 Persistent CPU Fault Vulnerability

Published Date:

July 09, 2021

Last Updated:

July 09, 2021

CVSS Scores:

8.6

CVE IDs:

CVE-2021-33012

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

High

PN1569 | PN1569 | FactoryTalk Security Remote Desktop Connection ‘Computer Name’ Policy Bypass Vulnerability

Published Date:

June 10, 2021

Last Updated:

June 10, 2021

CVSS Scores:

8.5

CVE IDs:

CVE-2021-32960

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

Medium

PN1566 | PN1566 | Micro800 and MicroLogix 1400 Vulnerable to Man-in-the-Middle Attack

Published Date:

May 25, 2021

Last Updated:

May 25, 2021

CVSS Scores:

6.1

CVE IDs:

CVE-2021-32926

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

High

PN1565 | PN1565 | Connected Components Workbench Vulnerable to Multiple Phishing-Style Attacks

Published Date:

May 13, 2021

Last Updated:

May 13, 2021

CVSS Scores:

6.1, 7.7, 8.6

CVE IDs:

CVE-2021-27473, CVE-2021-27471, CVE-2021-27475

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

Critical

PN1564 | PN1564 | DNS Name:Wreck Vulnerabilities Affect Multiple Rockwell Automation Products

Published Date:

April 28, 2021

Last Updated:

April 28, 2021

CVSS Scores:

9.8

CVE IDs:

CVE-2016-20009

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

Critical

PN1559 | PN1559 | FactoryTalk AssetCentre Vulnerable to Arbitrary Code Execution

Published Date:

April 01, 2021

Last Updated:

April 01, 2021

CVSS Scores:

CVE IDs:

CVE-2021-27466, CVE-2021-27460, CVE-2021-27474, CVE-2021-27468, CVE-2021-27470, CVE-2021-27462, CVE-2021-27464, CVE-2021-27476, CVE-2021-27472

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

Medium

PN1588 | PN1588 | File Parsing XML Entity in Multiple Products

Published Date:

March 28, 2021

Last Updated:

March 28, 2021

CVSS Scores:

5.5

CVE IDs:

CVE-2022-1018

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

High

PN1558 | PN1558 | Stratix Switches Impacted by IOS and IOS XE Software Vulnerabilities

Published Date:

March 26, 2021

Last Updated:

March 26, 2021

CVSS Scores:

7.8, 7.4, 6.8, 4.3, 5.5, 7.0

CVE IDs:

CVE-2021-1452, CVE-2021-1442, CVE-2021-1443, CVE-2021-1392, CVE-2021-1403, CVE-2021-1220, CVE-2021-1352

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

High

PN1551 | PN1551 | 1734-AENTR Series B and Series C Contains Multiple Web Vulnerabilities

Published Date:

March 04, 2021

Last Updated:

March 04, 2021

CVSS Scores:

7.5, 4.7

CVE IDs:

CVE-2020-14504, CVE-2020-14502

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

High

PN1543 | PN1543 | Writable Path Directory in DriveTools SP and Drives AOP

Published Date:

February 15, 2021

Last Updated:

February 15, 2021

CVSS Scores:

7.5

CVE IDs:

CVE-2021-22665

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

High

PN1531 | PN1531 | 1794-AENT Flex I/O Series B Contains Multiple Denial of Service Vulnerabilities

Published Date:

February 02, 2021

Last Updated:

February 02, 2021

CVSS Scores:

7.5

CVE IDs:

CVE-2020-6085, CVE-2020-6084, CVE-2020-6088, CVE-2020-6083, CVE-2020-6087, CVE-2020-6086

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

High

PN1545 | PN1545 | Modbus Vulnerability may lead to Denial-of-Service conditions in the MicroLogix 1400 Controller

Published Date:

January 28, 2021

Last Updated:

January 28, 2021

CVSS Scores:

8.1

CVE IDs:

CVE-2021-22659

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

Medium

PN794 | PN794 | RSLogix 5000 Studio 5000 Logix Designer Source Protection Vulnerability

Published Date:

January 25, 2021

Last Updated:

January 25, 2021

CVSS Scores:

6.3

CVE IDs:

CVE-2014-0755

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

High

PN1540 | PN1540 | FactoryTalk Linx and FactoryTalk Services Platform Contain Denial-of-Service Vulnerabilities

Published Date:

January 22, 2021

Last Updated:

January 22, 2021

CVSS Scores:

7.5, 6.2, 4.3

CVE IDs:

CVE-2020-5806, CVE-2020-5801, CVE-2020-5802, CVE-2020-5807

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

High

PN1113 | PN1113 | CVE-2020-0601 Impact to Rockwell Automation Products

Published Date:

January 20, 2021

Last Updated:

January 20, 2021

CVSS Scores:

8.1

CVE IDs:

CVE-2020-0601

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

High

PN1548 | PN1548 | Allen‑Bradley MicroLogix 1100 Programmable Logic Controller IPv4 Denial-of-Service Vulnerability

Published Date:

January 19, 2021

Last Updated:

January 19, 2021

CVSS Scores:

7.5

CVE IDs:

CVE-2020-6111

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

Medium

PN1542 | PN1542 | Side-Channel Issue on NXP 7x Secure Authentication Microcontrollers May Lead to ECC Key Extraction

Published Date:

January 14, 2021

Last Updated:

January 14, 2021

CVSS Scores:

4.9

CVE IDs:

CVE-2021-3011

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

High

PN1541 | PN1541 | FactoryTalk AssetCentre affected by M and M Software fdtCONTAINER Remote Code Execution Vulnerability

Published Date:

January 11, 2021

Last Updated:

January 11, 2021

CVSS Scores:

8.6

CVE IDs:

CVE-2020-12525

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

Critical

PN1539 | PN1539 | Vulnerabilities in the Kepware OPC UA server interface may lead to Denial-of-Service Conditions or Data Leak

Published Date:

December 17, 2020

Last Updated:

December 17, 2020

CVSS Scores:

7.5, 9.1

CVE IDs:

CVE-2020-27267, CVE-2020-27263

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

Critical

PN1536 | PN1536 | FactoryTalk® Linx® Affected by Multiple Denial-of-Service and Heap Overflow Vulnerabilities

Published Date:

November 24, 2020

Last Updated:

November 24, 2020

CVSS Scores:

8.6, 9.8, 5.3

CVE IDs:

CVE-2020-27251, CVE-2020-27255, CVE-2020-27253

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

PN1534 | PN1534 | Stratix 5700 HTTP Session Management Weakness

Published Date:

October 30, 2020

Last Updated:

October 30, 2020

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

PN923 | PN923 | Claims of ransomware masquerading as an Allen‑Bradley Update

Published Date:

October 02, 2020

Last Updated:

October 02, 2020

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

Critical

PN1530 | PN1530 | FactoryTalk Activation Manager affected by CodeMeter Vulnerabilities

Published Date:

September 18, 2020

Last Updated:

September 18, 2020

CVSS Scores:

7.4, 8.1, 9.4, 7.5, 10.0

CVE IDs:

CVE-2020-14517, CVE-2020-16233, CVE-2019-14519, CVE-2020-14519, CVE-2020-14515, CVE-2020-14509, CVE-2020-14513

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

Critical

PN1510 | PN1510 | FactoryTalk View SE Contains Multiple Vulnerabilities Found During Pwn2Own Competition

Published Date:

August 20, 2020

Last Updated:

August 20, 2020

CVSS Scores:

7.5, 9.0, 7.3, 5.3

CVE IDs:

CVE-2020-12027, CVE-2020-12028, CVE-2020-12029, CVE-2020-12031

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

Low

PN1509 | PN1509 | Studio 5000 Logix Designer XML External Entity (XXE) Vulnerability Found During Pwn2Own Competition

Published Date:

August 11, 2020

Last Updated:

August 11, 2020

CVSS Scores:

3.6

CVE IDs:

CVE-2020-12025

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

High

PN1025 | PN1025 | CompactLogix / Compact GuardLogix 5370 Denial of Service

Published Date:

August 10, 2020

Last Updated:

August 10, 2020

CVSS Scores:

8.6

CVE IDs:

CVE-2017-9312

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

Critical

PN1525 | PN1525 | FactoryTalk Services Platform Improper User Password Hashing

Published Date:

July 30, 2020

Last Updated:

July 30, 2020

CVSS Scores:

10.0

CVE IDs:

CVE-2020-14516

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

High

PN1516 | PN1516 | FactoryTalk Services Platform XXE Vulnerability

Published Date:

June 25, 2020

Last Updated:

June 25, 2020

CVSS Scores:

8.4

CVE IDs:

CVE-2020-14478

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

High

PN1515 | PN1515 | FactoryTalk View SE Credential Disclosure Vulnerabilities

Published Date:

June 25, 2020

Last Updated:

June 25, 2020

CVSS Scores:

8.8

CVE IDs:

CVE-2020-14480, CVE-2020-14481

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

Critical

PN1511 | PN1511 | FactoryTalk Linx Path Traversal Vulnerability Found During Pwn2Own Competition

Published Date:

June 24, 2020

Last Updated:

June 24, 2020

CVSS Scores:

9.6

CVE IDs:

CVE-2020-12001

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

Critical

PN1507 | PN1507 | FactoryTalk Linx Affected by Multiple Vulnerabilities

Published Date:

June 24, 2020

Last Updated:

June 24, 2020

CVSS Scores:

7.5, 9.6

CVE IDs:

CVE-2020-11999, CVE-2020-12005, CVE-2020-12003, CVE-2020-12001

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

High

PN1512 | PN1512 | FactoryTalk Services Platform Vulnerable to Arbitrary COM Instantiation During Pwn2Own Competition

Published Date:

June 18, 2020

Last Updated:

June 18, 2020

CVSS Scores:

7.5

CVE IDs:

CVE-2020-12033

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

High

PN1084 | PN1084 | Multiple Vulnerabilities in Arena Simulation Software

Published Date:

June 08, 2020

Last Updated:

June 08, 2020

CVSS Scores:

7.8, 8.6, 3.3

CVE IDs:

CVE-2019-13527, CVE-2019-13510, CVE-2019-13519, CVE-2019-13511, CVE-2019-13521

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

High

PN1503 | PN1503 | EDS Subsystem Affected by Multiple Vulnerabilities

Published Date:

May 19, 2020

Last Updated:

May 19, 2020

CVSS Scores:

8.2, 6.7

CVE IDs:

CVE-2020-12038, CVE-2020-12034

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

High

PN1502 | PN1502 | OSIsoft PI System Vulnerabilities Affect Multiple Rockwell Automation Software Products

Published Date:

May 12, 2020

Last Updated:

May 12, 2020

CVSS Scores:

7.8, 8.0, 5.9

CVE IDs:

CVE-2020-10608, CVE-2020-10606, CVE-2020-10645, CVE-2020-10600, CVE-2020-10610

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

Critical

PN1500 | PN1500 | FactoryTalk Activation Affected by Sentinel LDK Vulnerabilities

Published Date:

April 23, 2020

Last Updated:

April 23, 2020

CVSS Scores:

7.5, 9.9, 9.8, 5.3

CVE IDs:

CVE-2017-12819, CVE-2019-8282, CVE-2017-11497, CVE-2017-11496, CVE-2017-12818, CVE-2017-11498, CVE-2017-12821, CVE-2017-12822, CVE-2019-8283, CVE-2017-12820

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

High

PN1499 | PN1499 | RSLinx Classic Privilege Escalation Vulnerability

Published Date:

April 09, 2020

Last Updated:

April 09, 2020

CVSS Scores:

8.8

CVE IDs:

CVE-2020-10642

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

High

PN1498 | PN1498 | Current Program Updater Vulnerable to Privilege Escalation

Published Date:

April 09, 2020

Last Updated:

April 09, 2020

CVSS Scores:

7.0

CVE IDs:

CVE-2017-5176

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

High

PN1046 | PN1046 | Stratix 5950 Denial of Service Vulnerability

Published Date:

April 07, 2020

Last Updated:

April 07, 2020

CVSS Scores:

8.6

CVE IDs:

CVE-2018-0472

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

Critical

PN1027 | PN1027 | Stratix 5950 Contains Multiple Vulnerabilities

Published Date:

April 07, 2020

Last Updated:

April 07, 2020

CVSS Scores:

7.5, 10.0, 8.6

CVE IDs:

CVE-2018-0228, CVE-2018-0296, CVE-2018-0227, CVE-2018-0231, CVE-2018-0240

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

Medium

PN1100 | PN1100 | Stratix 5950 Secure Boot Hardware Tampering Vulnerability

Published Date:

March 10, 2020

Last Updated:

March 10, 2020

CVE IDs:

CVE-2019-1649

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

Critical

PN1411 | PN1411 | MicroLogix Controllers, RSLogix 500 Software Contains Multiple Vulnerabilities Affecting Confidentiality

Published Date:

March 05, 2020

Last Updated:

March 05, 2020

CVSS Scores:

4.0, 5.9, 9.8

CVE IDs:

CVE-2020-6980, CVE-2020-6990, CVE-2020-6988, CVE-2020-6984

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

High

PN978 | PN978 | PanelView Plus 6 700-1500 (7-15 displays) with Open Test Port

Published Date:

February 11, 2020

Last Updated:

February 11, 2020

CVSS Scores:

8.6

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

High

PN937 | PN937 | MicroLogix™ 1400 SNMP Credentials

Published Date:

February 11, 2020

Last Updated:

February 11, 2020

CVSS Scores:

7.3

CVE IDs:

CVE-2016-5645

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

PN928 | PN928 | PowerFlex 7000 Writeable Parameters

Published Date:

February 11, 2020

Last Updated:

February 11, 2020

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

Medium

PN915 | PN915 | Integrated Architecture Builder (IAB) Access Violation

Published Date:

February 11, 2020

Last Updated:

February 11, 2020

CVSS Scores:

6.3

CVE IDs:

CVE-2016-2277

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

Critical

PN910 | PN910 | MicroLogix 1100 Web Server Buffer Overflow

Published Date:

February 11, 2020

Last Updated:

February 11, 2020

CVSS Scores:

9.8

CVE IDs:

CVE-2016-0868

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

PN907 | PN907 | SCADAPass Default Passwords

Published Date:

February 11, 2020

Last Updated:

February 11, 2020

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

PN900 | PN900 | Rockwell Automation recommended mitigations for Zero day vulnerability (W32.Stuxnet) to Microsoft® Windows™

Published Date:

February 11, 2020

Last Updated:

February 11, 2020

CVE IDs:

CVE-2010-2568

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

Critical

PN893 | PN893 | MicroLogix 1100 and 1400 Controller Vulnerabilities

Published Date:

February 11, 2020

Last Updated:

February 11, 2020

CVSS Scores:

7.5, 3.7, 9.8, 4.6, 4.7

CVE IDs:

CVE-2015-6492, CVE-2015-6491, CVE-2015-6490, CVE-2015-6486, CVE-2015-6488

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

Critical

PN889 | PN889 | FT Historian SE OSIsoft PI Data Archive Vulnerabilities

Published Date:

February 11, 2020

Last Updated:

February 11, 2020

CVSS Scores:

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

PN676 | PN676 | FactoryTalk RnaUtility.dll Vulnerability

Published Date:

February 11, 2020

Last Updated:

February 11, 2020

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

Critical

PN567 | PN567 | Client Software Authentication Security Vulnerability in PLC5® and SLC™ 5/0x Controllers

Published Date:

February 11, 2020

Last Updated:

February 11, 2020

CVSS Scores:

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

Critical

PN560 | PN560 | Password Security Vulnerability in MicroLogix™ Controllers

Published Date:

February 11, 2020

Last Updated:

February 11, 2020

CVSS Scores:

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

Medium

PN402 | PN402 | ControlLogix 1756-ENBT/A EtherNet/IP Bridge - Potential Security Vulnerability

Published Date:

February 11, 2020

Last Updated:

February 11, 2020

CVSS Scores:

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

PN391 | PN391 | ControlLogix 1756-ENBT/A Ethernet/IP Bridge - Potential Security Vulnerabilities

Published Date:

February 11, 2020

Last Updated:

February 11, 2020

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

PN359 | PN359 | Firmware Upgrade Security Notice: Comment on DHS Communication (Control Systems Vulnerability in Multiple Sectors)

Published Date:

February 11, 2020

Last Updated:

February 11, 2020

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

Critical

PN1059 | PN1059 | Vulnerabilities Discovered in PowerMonitor 1000 Monitor

Published Date:

August 26, 2019

Last Updated:

August 26, 2019

CVSS Scores:

9.1, 7.4

CVE IDs:

CVE-2018-19615, CVE-2018-19616

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

High

PN1081 | PN1081 | Ability to gain root-user level access to PanelView 5510 Graphic Terminals

Published Date:

August 02, 2019

Last Updated:

August 02, 2019

CVSS Scores:

7.5

CVE IDs:

CVE-2019-10970

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

Critical

PN1072 | PN1072 | Notice Regarding BlueKeep: Windows Security Vulnerability (CVE-2019-0708)

Published Date:

May 20, 2019

Last Updated:

May 20, 2019

CVSS Scores:

9.8

CVE IDs:

CVE-2019-0708

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

Critical

PN950 | PN950 | Logix5000 Programmable Automation Controller Denial of Service/Buffer Overflow Vulnerability

Published Date:

May 13, 2019

Last Updated:

May 13, 2019

CVSS Scores:

10.0

CVE IDs:

CVE-2016-9343

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

High

PN1040 | PN1040 | CompactLogix 5370 Programmable Automation Controllers Denial of Service Vulnerabilities

Published Date:

April 30, 2019

Last Updated:

April 30, 2019

CVSS Scores:

8.6, 5.3

CVE IDs:

CVE-2019-10952, CVE-2019-10954

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

High

PN1068 | PN1068 | Open Redirect Vulnerability MicroLogix, CompactLogix 5370 Controllers

Published Date:

April 23, 2019

Last Updated:

April 23, 2019

CVSS Scores:

7.1

CVE IDs:

CVE-2019-10955

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

High

PN1045 | PN1045 | Stratix 5400/5410/5700/8000/8300 Denial of Service Vulnerabilities

Published Date:

April 04, 2019

Last Updated:

April 04, 2019

CVSS Scores:

7.5, 7.4, 8.6

CVE IDs:

CVE-2018-0466, CVE-2018-0473, CVE-2018-15373, CVE-2018-0470, CVE-2018-0467

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

Medium

PN1044 | PN1044 | Stratix 5400/5410/5700 Device Reload Vulnerability

Published Date:

April 04, 2019

Last Updated:

April 04, 2019

CVSS Scores:

6.8

CVE IDs:

CVE-2018-15377

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

High

PN977 | PN977 | MicroLogix 1100 Controllers Malformed Packet Denial of Service

Published Date:

April 03, 2019

Last Updated:

April 03, 2019

CVSS Scores:

7.5

CVE IDs:

CVE-2017-7924

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

High

PN1043 | PN1043 | PowerFlex 525 AC Drives with Embedded EtherNet/IP Port Communication Denial of Service

Published Date:

March 29, 2019

Last Updated:

February 04, 2025

CVSS Scores:

7.5

CVE IDs:

CVE-2018-19282

Known Exploited Vulnerability (KEV):

Corrected:

Yes

Workaround:

Yes

More Details Less Details

Critical

PN1061 | PN1061 | RSLinx Classic Denial of Service/Remote Code Execution Vulnerability

Published Date:

March 04, 2019

Last Updated:

March 04, 2019

CVSS Scores:

9.8

CVE IDs:

CVE-2019-6553

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

Medium

PN1058 | PN1058 | EtherNet/IP Web Server Module SNMP Service Denial of Service

Published Date:

February 06, 2019

Last Updated:

February 06, 2019

CVSS Scores:

5.3

CVE IDs:

CVE-2018-19016

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

High

PN1033 | PN1033 | FactoryTalk Services Platform Denial of Service

Published Date:

November 27, 2018

Last Updated:

November 27, 2018

CVSS Scores:

7.5

CVE IDs:

CVE-2018-18981

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

High

PN1042 | PN1042 | MicroLogix 1400 Controllers, 1756 ControlLogix EtherNet/IP Communication Modules Denial of Service

Published Date:

November 06, 2018

Last Updated:

November 06, 2018

CVSS Scores:

8.6

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

Medium

PN885 | PN885 | CompactLogix™ and 1756 ControlLogix® Communication Modules Reflective Cross-Site Scripting (XSS) Vulnerability

Published Date:

November 01, 2018

Last Updated:

November 01, 2018

CVSS Scores:

6.1

CVE IDs:

CVE-2016-2279

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

PN1011 | PN1011 | Rockwell Automation Briefing on Meltdown and Spectre vulnerabilities.

Published Date:

October 01, 2018

Last Updated:

October 01, 2018

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

PN715 | PN715 | Advisory on web search tools that identify ICS devices and systems connected to the Internet

Published Date:

September 20, 2018

Last Updated:

September 20, 2018

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

Critical

PN1037 | PN1037 | RSLinx Classic Heap and Buffer Overflow Vulnerabilities

Published Date:

September 20, 2018

Last Updated:

September 20, 2018

CVSS Scores:

7.5, 10.0, 8.6

CVE IDs:

CVE-2018-14829, CVE-2018-14827, CVE-2018-14821

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

Critical

PN1018 | PN1018 | FactoryTalk Activation Manager Vulnerabilities

Published Date:

July 20, 2018

Last Updated:

July 20, 2018

CVSS Scores:

2.7, 9.8

CVE IDs:

CVE-2017-13754, CVE-2015-8277

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

High

PN1026 | PN1026 | RSLinx Classic and FactoryTalk Linx Gateway Privilege Escalation through Unquoted Service Path

Published Date:

June 07, 2018

Last Updated:

June 07, 2018

CVSS Scores:

8.8

CVE IDs:

CVE-2018-10619

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

Medium

PN1024 | PN1024 | Arena Simulation Software Denial of Service

Published Date:

May 10, 2018

Last Updated:

May 10, 2018

CVSS Scores:

5.5

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

Critical

PN1021 | PN1021 | Stratix 8300 Denial of Service and Remote Code Execution Vulnerabilities

Published Date:

April 16, 2018

Last Updated:

April 16, 2018

CVSS Scores:

8.8, 9.8, 8.6

CVE IDs:

CVE-2018-0174, CVE-2018-0171, CVE-2018-0167, CVE-2018-0175, CVE-2018-0173, CVE-2018-0172, CVE-2018-0155, CVE-2018-0156

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

Critical

PN1020 | PN1020 | Stratix 5900 Denial of Service and Remote Code Execution Vulnerabilities

Published Date:

April 16, 2018

Last Updated:

April 16, 2018

CVSS Scores:

8.8, 9.8, 8.6

CVE IDs:

CVE-2018-0151, CVE-2018-0175, CVE-2018-0167, CVE-2018-0158

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

Critical

PN1019 | PN1019 | Stratix 5400/5410/5700/8000 Denial of Service and Remote Code Execution Vulnerabilities

Published Date:

April 16, 2018

Last Updated:

April 16, 2018

CVSS Scores:

8.8, 9.8, 8.6

CVE IDs:

CVE-2018-0174, CVE-2018-0171, CVE-2018-0167, CVE-2018-0175, CVE-2018-0173, CVE-2018-0172, CVE-2018-0158, CVE-2018-0156

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

High

PN1015 | PN1015 | MicroLogix Controller Vulnerabilities

Published Date:

March 28, 2018

Last Updated:

March 28, 2018

CVSS Scores:

3.7, 6.8, 6.3, 8.6

CVE IDs:

CVE-2017-12093, CVE-2017-14471, CVE-2017-14467, CVE-2017-14472, CVE-2017-14473, CVE-2017-14462, CVE-2017-14468, CVE-2017-14463, CVE-2017-14466, CVE-2017-12092, CVE-2017-12090, CVE-2017-14465, CVE-2017-14470, CVE-2017-12089, CVE-2017-14469, CVE-2017-12088, CVE-2017-14464

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

High

PN1010 | PN1010 | MicroLogix 1400 Modbus TCP Buffer Overflow Denial of Service

Published Date:

December 22, 2017

Last Updated:

December 22, 2017

CVSS Scores:

8.6

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

High

PN1000 | PN1000 | FactoryTalk Alarms and Events Historian Denial of Service

Published Date:

December 07, 2017

Last Updated:

December 07, 2017

CVSS Scores:

7.5

CVE IDs:

CVE-2017-14022

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

Medium

PN1003 | PN1003 | Stratix 5100 Wireless Access Point/Workgroup Bridge affected by Key Reinstallation Attacks (KRACK) research paper

Published Date:

November 06, 2017

Last Updated:

November 06, 2017

CVSS Scores:

6.9

CVE IDs:

CVE-2017-13082

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

High

PN991 | PN991 | Stratix SNMP Packet Remote Code Execution Vulnerabilities

Published Date:

November 02, 2017

Last Updated:

November 02, 2017

CVSS Scores:

8.8

CVE IDs:

CVE-2017-6741, CVE-2017-6744, CVE-2017-6743, CVE-2017-6740, CVE-2017-6738, CVE-2017-6737, CVE-2017-6742, CVE-2017-6739, CVE-2017-6736

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

Critical

PN962 | PN962 | Stratix CMP Remote Code Execution Vulnerability

Published Date:

November 02, 2017

Last Updated:

November 02, 2017

CVSS Scores:

9.8

CVE IDs:

CVE-2017-3881

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

High

PN958 | PN958 | FactoryTalk Activation Unquoted Service Path Privilege Escalation

Published Date:

August 24, 2017

Last Updated:

August 24, 2017

CVSS Scores:

8.8

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

PN1493 | PN1493 | Rockwell Automation Recommended Mitigations for the “Petya” Malware

Published Date:

June 30, 2017

Last Updated:

June 30, 2017

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

PN1492 | PN1492 | Rockwell Automation Recommended Mitigations For “WannaCry” Ransomware

Published Date:

May 18, 2017

Last Updated:

May 18, 2017

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

Critical

PN946 | PN946 | Stratix® Denial of Service Vulnerabilities

Published Date:

April 26, 2017

Last Updated:

April 26, 2017

CVSS Scores:

9.9, 8.6

CVE IDs:

CVE-2016-6380, CVE-2016-6385, CVE-2016-6382, CVE-2016-6393

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

Critical

PN967 | PN967 | MicroLogix Controller v21 Security Updates

Published Date:

April 25, 2017

Last Updated:

April 25, 2017

CVSS Scores:

5.4, 8.1, 3.1, 9.8

CVE IDs:

CVE-2017-7902, CVE-2017-7901, CVE-2017-7899, CVE-2017-7898, CVE-2017-7903

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

Medium

PN966 | PN966 | ControlLogix 5580 and CompactLogix 5380 Programmable Automation Controller Denial of Service

Published Date:

April 04, 2017

Last Updated:

April 04, 2017

CVSS Scores:

6.8

CVE IDs:

CVE-2017-6024

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

PN965 | PN965 | Stratix 5900 Security Updates

Published Date:

April 04, 2017

Last Updated:

April 04, 2017

CVE IDs:

CVE-2015-1787, CVE-2014-0195, CVE-2014-2109, CVE-2014-3566, CVE-2016-1344, CVE-2015-7702, CVE-2015-7871, CVE-2014-2106, CVE-2015-0207, CVE-2016-6393, CVE-2014-3360, CVE-2014-2112, CVE-2016-6380, CVE-2015-7691, CVE-2015-7692, CVE-2015-7849, CVE-2015-0290, CVE-2014-0224, CVE-2015-7701, CVE-2014-3470, CVE-2014-2113, CVE-2014-2108, CVE-2015-7704, CVE-2016-6415, CVE-2014-2111, CVE-2015-0642, CVE-2015-1798, CVE-2014-0221, CVE-2015-0292, CVE-2015-0293, CVE-2015-7854, CVE-2014-0076, CVE-2015-0646, CVE-2014-3361, CVE-2016-6381, CVE-2016-1409, CVE-2015-7855, CVE-2015-0291, CVE-2015-7850, CVE-2016-6384, CVE-2014-3356, CVE-2014-3354, CVE-2014-3355, CVE-2014-3299, CVE-2015-7848, CVE-2015-0289, CVE-2015-7705, CVE-2015-7703, CVE-2015-7851, CVE-2015-1799, CVE-2016-6382, CVE-2014-3359, CVE-2015-0287, CVE-2010-5298, CVE-2015-7852, CVE-2015-0209, CVE-2015-0288, CVE-2015-0285, CVE-2014-0198, CVE-2015-0643, CVE-2015-7853, CVE-2016-1350

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

High

PN959 | PN959 | Connected Components Workbench™ Software Dynamic Link Library (DLL) Hijack

Published Date:

February 16, 2017

Last Updated:

February 16, 2017

CVSS Scores:

7.0

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

High

PN938 | PN938 | RSLogix 500® and RSLogix™ Micro File Parser Buffer Overflow

Published Date:

February 14, 2017

Last Updated:

February 14, 2017

CVSS Scores:

8.6

CVE IDs:

CVE-2016-5814

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

Medium

PN949 | PN949 | MicroLogix Controller Vulnerabilities

Published Date:

December 01, 2016

Last Updated:

December 01, 2016

CVSS Scores:

6.5, 2.7

CVE IDs:

CVE-2016-9338, CVE-2016-9334

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

Medium

PN929 | PN929 | Stratix® 5400 and Stratix 5410 ICMP IPv4 Packet Corruption Vulnerability

Published Date:

June 23, 2016

Last Updated:

June 23, 2016

CVSS Scores:

5.8

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

High

PN930 | PN930 | FactoryTalk® EnergyMetrix™ Authentication Vulnerabilities

Published Date:

June 21, 2016

Last Updated:

June 21, 2016

CVSS Scores:

7.3

CVE IDs:

CVE-2016-4522, CVE-2016-4531

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

PN886 | PN886 | MicroLogix Web Redirect Vulnerability

Published Date:

September 17, 2015

Last Updated:

September 17, 2015

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

Medium

PN869 | PN869 | RSView32 Weak Encryption Algorithm on Passwords

Published Date:

April 30, 2015

Last Updated:

April 30, 2015

CVSS Scores:

4.9

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

Medium

PN852 | PN852 | RSLinx Classic File Input Buffer Overflow in OpcTest.exe

Published Date:

April 20, 2015

Last Updated:

April 20, 2015

CVSS Scores:

6.9

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

Medium

PN851 | PN851 | FactoryTalk Services Platform and FactoryTalk View Studio DLL Hijacking Vulnerability

Published Date:

February 12, 2015

Last Updated:

February 12, 2015

CVSS Scores:

6.9

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

High

PN841 | PN841 | Connected Components Workbench (CCW) ActiveX Component Vulnerability

Published Date:

November 03, 2014

Last Updated:

November 03, 2014

CVSS Scores:

7.5

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

High

PN836 | PN836 | MicroLogix 1400 DNP3 Denial of Service Vulnerability

Published Date:

September 09, 2014

Last Updated:

September 09, 2014

CVSS Scores:

7.5

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

Medium

PN792 | PN792 | FactoryTalk Activation Manager Unnecessary Third-party Service

Published Date:

November 08, 2013

Last Updated:

November 08, 2013

CVSS Scores:

5.3

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

PN744 | PN744 | MicroLogix, SLC 500 and PLC5 Controller Vulnerability

Published Date:

August 02, 2013

Last Updated:

August 02, 2013

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

High

PN759 | PN759 | FactoryTalk Diagnostics and RSLinx Enterprise Software Vulnerability

Published Date:

June 28, 2013

Last Updated:

June 28, 2013

CVSS Scores:

7.8

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

PN758 | PN758 | Stratix 5700, 8000 and 8300 Weak Password Vulnerability

Published Date:

April 02, 2013

Last Updated:

April 02, 2013

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

Critical

PN561 | PN561 | Client Software Authentication Security Vulnerability in MicroLogix™ Controllers

Published Date:

March 19, 2013

Last Updated:

March 19, 2013

CVSS Scores:

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

Critical

PN690 | PN690 | EtherNet/IP™ Product Vulnerabilities

Published Date:

January 03, 2013

Last Updated:

January 13, 2025

CVSS Scores:

10.0, 7.8, 8.5

CVE IDs:

CVE-2012-6439, CVE-2012-6441, CVE-2012-6442 , CVE-2012-6438, CVE-2012-6437

Known Exploited Vulnerability (KEV):

Corrected:

Yes

Workaround:

Yes

More Details Less Details

PN753 | PN753 | Vulnerability claims relating to FactoryTalk Services and RSLogix 5000 Software

Published Date:

November 29, 2012

Last Updated:

November 29, 2012

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

Medium

PN750 | PN750 | FactoryTalk® Historian SE Security Vulnerability from PI OPC DA software interface

Published Date:

November 02, 2012

Last Updated:

November 02, 2012

CVSS Scores:

6.3

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

Critical

PN692 | PN692 | MicroLogix™ 1100 and 1400 Controller Vulnerability

Published Date:

July 18, 2012

Last Updated:

January 13, 2025

CVSS Scores:

9.3

CVE IDs:

CVE-2012-6440

Known Exploited Vulnerability (KEV):

Corrected:

Yes

Workaround:

Yes

More Details Less Details

High

PN691 | PN691 | Rockwell Automation Logix™ Controller Vulnerabilities

Published Date:

July 18, 2012

Last Updated:

January 13, 2025

CVSS Scores:

7.8

CVE IDs:

CVE-2012-6436, CVE-2012-6435

Known Exploited Vulnerability (KEV):

Corrected:

Yes

Workaround:

Yes

More Details Less Details

Medium

PN687 | PN687 | FactoryTalk™ Diagnostics Receiver Service Vulnerability

Published Date:

February 15, 2012

Last Updated:

February 15, 2012

CVSS Scores:

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

PN675 | PN675 | RSLogix 5000 Software Potential Denial-of-Service Vulnerability

Published Date:

September 13, 2011

Last Updated:

September 13, 2011

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

High

PN1643 | PN1643 | 1756-EN2TR and 1756-EN3TR Open UDP Port Vulnerability

Published Date:

September 12, 2011

Last Updated:

September 12, 2011

CVSS Scores:

7.5

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

Medium

PN670 | PN670 | RSLogix 5000 .ACD Project File Memory Corruption Anomaly

Published Date:

July 26, 2011

Last Updated:

July 26, 2011

CVSS Scores:

5.5

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

High

PN656 | PN656 | RSLinx Classic OPC Automation ActiveX component vulnerability could allow arbitrary code execution

Published Date:

June 28, 2011

Last Updated:

June 28, 2011

CVSS Scores:

8.4

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

High

PN657 | PN657 | Opening a corrupted FactoryTalk Diagnostics Viewer Configuration file (*.ftd) could cause arbitrary code execution

Published Date:

June 24, 2011

Last Updated:

June 24, 2011

CVSS Scores:

7.5

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

PN649 | PN649 | ControlLogix 1756-EWEB Enhanced Web Server Firmware Upgrade Security Vulnerability

Published Date:

June 15, 2011

Last Updated:

June 15, 2011

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

Critical

PN648 | PN648 | ControlLogix 1756-EN2T EtherNet/IP Bridge Firmware Upgrade Security Vulnerability

Published Date:

June 15, 2011

Last Updated:

June 15, 2011

CVSS Scores:

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

High

PN647 | PN647 | ControlLogix 1756-EWEB Enhanced Web Server FTP Server Security Vulnerability

Published Date:

June 15, 2011

Last Updated:

June 15, 2011

CVSS Scores:

7.5

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

Critical

PN646 | PN646 | RSLinx Classic™ EDS Wizard Buffer Overflow Vulnerability - May 24, 2011

Published Date:

May 24, 2011

Last Updated:

May 24, 2011

CVSS Scores:

9.3

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

High

PN641 | PN641 | Security vulnerability in password mechanism of MicroLogix™ 1100 and 1400 Controllers

Published Date:

May 17, 2011

Last Updated:

May 17, 2011

CVSS Scores:

7.5

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

High

PN1644 | PN1644 | Open UDP Port in 1756-ENBT EtherNet/IP™ Communication Interface

Published Date:

July 06, 2010

Last Updated:

July 06, 2010

CVSS Scores:

7.5

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

Critical

PN570 | PN570 | RSLinx Classic™ EDS Wizard Buffer Overflow Vulnerability - March 3, 2010

Published Date:

March 03, 2010

Last Updated:

March 03, 2010

CVSS Scores:

9.3

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

Critical

PN566 | PN566 | Password Security Vulnerability in PLC5® and SLC™ 5/0x Controllers

Published Date:

February 02, 2010

Last Updated:

February 02, 2010

CVSS Scores:

Known Exploited Vulnerability (KEV):

Corrected:

Workaround:

More Details Less Details

Items Per Page:

264