Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2024-2427

Summary
Assigner-Rockwell
Assigner Org ID-b73dd486-f505-4403-b634-40b078b177f0
Published At-25 Mar, 2024 | 20:20
Updated At-21 Aug, 2024 | 14:57
Rejected At-
Credits

Rockwell Automation - Denial-of-service and Input Validation Vulnerabilities in PowerFlex® 527

A denial-of-service vulnerability exists in the Rockwell Automation PowerFlex® 527 due to improper traffic throttling in the device. If multiple data packets are sent to the device repeatedly the device will crash and require a manual restart to recover.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:Rockwell
Assigner Org ID:b73dd486-f505-4403-b634-40b078b177f0
Published At:25 Mar, 2024 | 20:20
Updated At:21 Aug, 2024 | 14:57
Rejected At:
▼CVE Numbering Authority (CNA)
Rockwell Automation - Denial-of-service and Input Validation Vulnerabilities in PowerFlex® 527

A denial-of-service vulnerability exists in the Rockwell Automation PowerFlex® 527 due to improper traffic throttling in the device. If multiple data packets are sent to the device repeatedly the device will crash and require a manual restart to recover.

Affected Products
Vendor
Rockwell Automation, Inc.Rockwell Automation
Product
PowerFlex® 527
Default Status
unaffected
Versions
Affected
  • v2.001.x <
Problem Types
TypeCWE IDDescription
CWECWE-20CWE-20 Improper Input Validation
Type: CWE
CWE ID: CWE-20
Description: CWE-20 Improper Input Validation
Metrics
VersionBase scoreBase severityVector
3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
CAPEC-153CAPEC-153 Input Data Manipulation
CAPEC ID: CAPEC-153
Description: CAPEC-153 Input Data Manipulation
Solutions

There is no fix currently for this vulnerability. Users using the affected software are encouraged to apply risk mitigations and security best practices, where possible. * Implement network segmentation confirming the device is on an isolated network. * Disable the web server https://literature.rockwellautomation.com/idc/groups/literature/documents/um/520-um002_-en-e.pdf , if not needed. The web server is disabled by default. Disabling this feature is available in v2.001.x and later. * Security Best Practices https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://www.rockwellautomation.com/en-us/support/advisory.SD1664.html
N/A
Hyperlink: https://www.rockwellautomation.com/en-us/support/advisory.SD1664.html
Resource: N/A
▼Authorized Data Publishers (ADP)
1. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://www.rockwellautomation.com/en-us/support/advisory.SD1664.html
x_transferred
Hyperlink: https://www.rockwellautomation.com/en-us/support/advisory.SD1664.html
Resource:
x_transferred
2. CISA ADP Vulnrichment
Affected Products
Vendor
Rockwell Automation, Inc.rockwellautomation
Product
powerflex_527_ac_drives_firmware
CPEs
  • cpe:2.3:o:rockwellautomation:powerflex_527_ac_drives_firmware:*:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 2.001.0 before * (custom)
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:PSIRT@rockwellautomation.com
Published At:25 Mar, 2024 | 21:15
Updated At:31 Jan, 2025 | 15:41

A denial-of-service vulnerability exists in the Rockwell Automation PowerFlex® 527 due to improper traffic throttling in the device. If multiple data packets are sent to the device repeatedly the device will crash and require a manual restart to recover.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Primary3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Type: Secondary
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Type: Primary
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CPE Matches

Rockwell Automation, Inc.
rockwellautomation
>>powerflex_527_ac_drives_firmware>>Versions from 2.001(inclusive)
cpe:2.3:o:rockwellautomation:powerflex_527_ac_drives_firmware:*:*:*:*:*:*:*:*
Rockwell Automation, Inc.
rockwellautomation
>>powerflex_527_ac_drives>>-
cpe:2.3:h:rockwellautomation:powerflex_527_ac_drives:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-20SecondaryPSIRT@rockwellautomation.com
NVD-CWE-noinfoPrimarynvd@nist.gov
CWE ID: CWE-20
Type: Secondary
Source: PSIRT@rockwellautomation.com
CWE ID: NVD-CWE-noinfo
Type: Primary
Source: nvd@nist.gov
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
https://www.rockwellautomation.com/en-us/support/advisory.SD1664.htmlPSIRT@rockwellautomation.com
Vendor Advisory
https://www.rockwellautomation.com/en-us/support/advisory.SD1664.htmlaf854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Hyperlink: https://www.rockwellautomation.com/en-us/support/advisory.SD1664.html
Source: PSIRT@rockwellautomation.com
Resource:
Vendor Advisory
Hyperlink: https://www.rockwellautomation.com/en-us/support/advisory.SD1664.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

841Records found

CVE-2020-6083
Matching Score-8
Assigner-Talos
ShareView Details
Matching Score-8
Assigner-Talos
CVSS Score-7.5||HIGH
EPSS-3.45% / 87.58%
||
7 Day CHG~0.00%
Published-14 Oct, 2020 | 12:45
Updated-04 Aug, 2024 | 08:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An exploitable denial of service vulnerability exists in the ENIP Request Path Port Segment functionality of Allen-Bradley Flex IO 1794-AENT/B. A specially crafted network request can cause a loss of communications with the device resulting in denial-of-service. An attacker can send a malicious packet to trigger this vulnerability.

Action-Not Available
Vendor-n/aRockwell Automation, Inc.
Product-allen-bradley_flex_io_1794-aent\/ballen-bradley_flex_io_1794-aent\/b_firmwareAllen Bradley
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-6086
Matching Score-8
Assigner-Talos
ShareView Details
Matching Score-8
Assigner-Talos
CVSS Score-7.5||HIGH
EPSS-3.52% / 87.79%
||
7 Day CHG~0.00%
Published-14 Oct, 2020 | 12:34
Updated-04 Aug, 2024 | 08:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An exploitable denial of service vulnerability exists in the ENIP Request Path Data Segment functionality of Allen-Bradley Flex IO 1794-AENT/B. A specially crafted network request can cause a loss of communications with the device resulting in denial-of-service. An attacker can send a malicious packet to trigger this vulnerability.If the Simple Segment Sub-Type is supplied, the device treats the byte following as the Data Size in words. When this value represents a size greater than what remains in the packet data, the device enters a fault state where communication with the device is lost and a physical power cycle is required.

Action-Not Available
Vendor-n/aRockwell Automation, Inc.
Product-flex_i\/o_1794-aent\/bflex_i\/o_1794-aent\/b_firmwareAllen Bradley
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-6111
Matching Score-8
Assigner-Talos
ShareView Details
Matching Score-8
Assigner-Talos
CVSS Score-7.5||HIGH
EPSS-4.58% / 90.49%
||
7 Day CHG~0.00%
Published-03 Dec, 2020 | 12:29
Updated-04 Aug, 2024 | 08:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An exploitable denial-of-service vulnerability exists in the IPv4 functionality of Allen-Bradley MicroLogix 1100 Programmable Logic Controller Systems Series B FRN 16.000, Series B FRN 15.002, Series B FRN 15.000, Series B FRN 14.000, Series B FRN 13.000, Series B FRN 12.000, Series B FRN 11.000 and Series B FRN 10.000. A specially crafted packet can cause a major error, resulting in a denial of service. An attacker can send a malicious packet to trigger this vulnerability.

Action-Not Available
Vendor-n/aRockwell Automation, Inc.
Product-micrologix_1100micrologix_1100_b_firmwareAllen-Bradley
CWE ID-CWE-189
Not Available
CVE-2020-6084
Matching Score-8
Assigner-Talos
ShareView Details
Matching Score-8
Assigner-Talos
CVSS Score-7.5||HIGH
EPSS-3.52% / 87.79%
||
7 Day CHG~0.00%
Published-19 Oct, 2020 | 20:45
Updated-04 Aug, 2024 | 08:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An exploitable denial of service vulnerability exists in the ENIP Request Path Logical Segment functionality of Allen-Bradley Flex IO 1794-AENT/B 4.003. A specially crafted network request can cause a loss of communications with the device resulting in denial-of-service. An attacker can send a malicious packet to trigger this vulnerability by sending an Electronic Key Segment with less bytes than required by the Key Format Table.

Action-Not Available
Vendor-n/aRockwell Automation, Inc.
Product-flex_i\/o_1794-aentAllen-Bradley
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-6087
Matching Score-8
Assigner-Talos
ShareView Details
Matching Score-8
Assigner-Talos
CVSS Score-7.5||HIGH
EPSS-3.52% / 87.79%
||
7 Day CHG~0.00%
Published-14 Oct, 2020 | 12:35
Updated-04 Aug, 2024 | 08:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An exploitable denial of service vulnerability exists in the ENIP Request Path Data Segment functionality of Allen-Bradley Flex IO 1794-AENT/B. A specially crafted network request can cause a loss of communications with the device resulting in denial-of-service. An attacker can send a malicious packet to trigger this vulnerability If the ANSI Extended Symbol Segment Sub-Type is supplied, the device treats the byte following as the Data Size in words. When this value represents a size greater than what remains in the packet data, the device enters a fault state where communication with the device is lost and a physical power cycle is required.

Action-Not Available
Vendor-n/aRockwell Automation, Inc.
Product-flex_i\/o_1794-aent\/bflex_i\/o_1794-aent\/b_firmwareAllen Bradley
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-6085
Matching Score-8
Assigner-Talos
ShareView Details
Matching Score-8
Assigner-Talos
CVSS Score-7.5||HIGH
EPSS-3.52% / 87.79%
||
7 Day CHG~0.00%
Published-19 Oct, 2020 | 20:46
Updated-04 Aug, 2024 | 08:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An exploitable denial of service vulnerability exists in the ENIP Request Path Logical Segment functionality of Allen-Bradley Flex IO 1794-AENT/B 4.003. A specially crafted network request can cause a loss of communications with the device resulting in denial-of-service. An attacker can send a malicious packet to trigger this vulnerability by sending an Electronic Key Segment with less than 0x18 bytes following the Key Format field.

Action-Not Available
Vendor-n/aRockwell Automation, Inc.
Product-flex_i\/o_1794-aentAllen Bradley
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-5801
Matching Score-8
Assigner-Tenable Network Security, Inc.
ShareView Details
Matching Score-8
Assigner-Tenable Network Security, Inc.
CVSS Score-7.5||HIGH
EPSS-25.22% / 97.67%
||
7 Day CHG~0.00%
Published-29 Dec, 2020 | 15:15
Updated-04 Aug, 2024 | 08:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An attacker can craft and send an OpenNamespace message to port 4241 with valid session-id that triggers an unhandled exception in CFTLDManager::HandleRequest function in RnaDaSvr.dll, resulting in process termination. Observed in FactoryTalk Linx 6.11. All versions of FactoryTalk Linx are affected.

Action-Not Available
Vendor-n/aRockwell Automation, Inc.
Product-factorytalk_linxRockwell FactoryTalk Linx
CWE ID-CWE-755
Improper Handling of Exceptional Conditions
CVE-2020-13573
Matching Score-8
Assigner-Talos
ShareView Details
Matching Score-8
Assigner-Talos
CVSS Score-7.5||HIGH
EPSS-3.39% / 87.34%
||
7 Day CHG~0.00%
Published-07 Jan, 2021 | 17:26
Updated-04 Aug, 2024 | 12:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A denial-of-service vulnerability exists in the Ethernet/IP server functionality of Rockwell Automation RSLinx Classic 2.57.00.14 CPR 9 SR 3. A specially crafted network request can lead to a denial of service. An attacker can send a sequence of malicious packets to trigger this vulnerability.

Action-Not Available
Vendor-n/aRockwell Automation, Inc.
Product-rslinxRockwell Automation
CWE ID-CWE-823
Use of Out-of-range Pointer Offset
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2020-12005
Matching Score-8
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-8
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-7.5||HIGH
EPSS-1.84% / 76.41%
||
7 Day CHG~0.00%
Published-15 Jun, 2020 | 19:22
Updated-04 Aug, 2024 | 11:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

FactoryTalk Linx versions 6.00, 6.10, and 6.11, RSLinx Classic v4.11.00 and prior,Connected Components Workbench: Version 12 and prior, ControlFLASH: Version 14 and later, ControlFLASH Plus: Version 1 and later, FactoryTalk Asset Centre: Version 9 and later, FactoryTalk Linx CommDTM: Version 1 and later, Studio 5000 Launcher: Version 31 and later Stud, 5000 Logix Designer software: Version 32 and prior is vulnerable. A vulnerability exists in the communication function that enables users to upload EDS files by FactoryTalk Linx. This may allow an attacker to upload a file with bad compression, consuming all the available CPU resources, leading to a denial-of-service condition.

Action-Not Available
Vendor-n/aRockwell Automation, Inc.
Product-factorytalk_linxrslinx_classicFactoryTalk Linx, RSLinx Classic, Connected Components Workbench, ControlFLASH Plus, FactoryTalk Asset Centre, FactoryTalk Linx CommDTM, Studio 5000 Launcher, Studio 5000 Logix Designer software
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2012-4695
Matching Score-6
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-6
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-7.1||HIGH
EPSS-2.76% / 84.50%
||
7 Day CHG~0.00%
Published-18 Apr, 2013 | 01:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

LogReceiver.exe in Rockwell Automation RSLinx Enterprise CPR9, CPR9-SR1, CPR9-SR2, CPR9-SR3, CPR9-SR4, CPR9-SR5, CPR9-SR5.1, and CPR9-SR6 allows remote attackers to cause a denial of service (service outage) via a zero-byte UDP packet that is not properly handled by Logger.dll.

Action-Not Available
Vendor-n/aRockwell Automation, Inc.
Product-rslinx_enterprisen/a
CWE ID-CWE-20
Improper Input Validation
CVE-2020-12001
Matching Score-6
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-6
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-9.8||CRITICAL
EPSS-11.50% / 95.49%
||
7 Day CHG~0.00%
Published-15 Jun, 2020 | 19:14
Updated-04 Aug, 2024 | 11:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

FactoryTalk Linx versions 6.00, 6.10, and 6.11, RSLinx Classic v4.11.00 and prior,Connected Components Workbench: Version 12 and prior, ControlFLASH: Version 14 and later, ControlFLASH Plus: Version 1 and later, FactoryTalk Asset Centre: Version 9 and later, FactoryTalk Linx CommDTM: Version 1 and later, Studio 5000 Launcher: Version 31 and later Stud, 5000 Logix Designer software: Version 32 and prior is vulnerable. The parsing mechanism that processes certain file types does not provide input sanitation. This may allow an attacker to use specially crafted files to traverse the file system and modify or expose sensitive data or execute arbitrary code.

Action-Not Available
Vendor-n/aRockwell Automation, Inc.
Product-factorytalk_linxrslinx_classicFactoryTalk Linx, RSLinx Classic, Connected Components Workbench, ControlFLASH Plus, FactoryTalk Asset Centre, FactoryTalk Linx CommDTM, Studio 5000 Launcher, Studio 5000 Logix Designer software
CWE ID-CWE-20
Improper Input Validation
CVE-2012-0221
Matching Score-6
Assigner-CERT/CC
ShareView Details
Matching Score-6
Assigner-CERT/CC
CVSS Score-5||MEDIUM
EPSS-10.32% / 95.15%
||
7 Day CHG~0.00%
Published-02 Apr, 2012 | 18:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The FactoryTalk (FT) RNADiagReceiver service in Rockwell Automation Allen-Bradley FactoryTalk CPR9 through SR5 and RSLogix 5000 17 through 20 does not properly handle the return value from an unspecified function, which allows remote attackers to cause a denial of service (service outage) via a crafted packet.

Action-Not Available
Vendor-n/aRockwell Automation, Inc.
Product-factorytalkrslogix_5000n/a
CWE ID-CWE-20
Improper Input Validation
CVE-2024-7988
Matching Score-6
Assigner-Rockwell Automation
ShareView Details
Matching Score-6
Assigner-Rockwell Automation
CVSS Score-9.3||CRITICAL
EPSS-1.48% / 70.73%
||
7 Day CHG~0.00%
Published-26 Aug, 2024 | 14:47
Updated-21 Oct, 2025 | 18:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ThinManager® ThinServer™ Information Disclosure and Remote Code Execution Vulnerabilities

A remote code execution vulnerability exists in the Rockwell Automation ThinManager® ThinServer™ that allows a threat actor to execute arbitrary code with System privileges. This vulnerability exists due to the lack of proper data input validation, which allows files to be overwritten.

Action-Not Available
Vendor-Rockwell Automation, Inc.
Product-thinmanager_thinserverThinManager® ThinServer™thinmanager_thinserver
CWE ID-CWE-20
Improper Input Validation
CVE-2024-7507
Matching Score-6
Assigner-Rockwell Automation
ShareView Details
Matching Score-6
Assigner-Rockwell Automation
CVSS Score-8.7||HIGH
EPSS-0.50% / 39.12%
||
7 Day CHG~0.00%
Published-14 Aug, 2024 | 19:35
Updated-04 Mar, 2025 | 17:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Rockwell Automation ControlLogix/GuardLogix 5580 and CompactLogix/Compact GuardLogix® 5380 Controller Denial-of-Service Vulnerability via Input Validation

CVE-2024-7507 IMPACT A denial-of-service vulnerability exists in the affected products. This vulnerability occurs when a malformed PCCC message is received, causing a fault in the controller.

Action-Not Available
Vendor-Rockwell Automation, Inc.
Product-compactlogix_5480compactlogix_5380controllogix_5580_firmwarecontrollogix_5580compact_guardlogix_5380_sil_3_firmwarecompact_guardlogix_5380_sil_3compactlogix_5380_firmwarecompact_guardlogix_5380_sil_2_firmwareguardlogix_5580_firmwarecompactlogix_5480_firmwareguardlogix_5580compact_guardlogix_5380_sil_2CompactLogix 5380 (5069 – L3z)CompactLogix 5480 (5069-L4)Compact GuardLogix 5380 (5069- L3zS2)GuardLogix 5580 (1756-L8z)ControlLogix® 5580 (1756 –L8z)controllogix_5580_firmwarecompactlogix_5480_firmwareguardlogix_5580_firmwarecontrollogix_5380_firmwarecompact_guardlogix_5380_firmware
CWE ID-CWE-20
Improper Input Validation
CVE-2024-6436
Matching Score-6
Assigner-Rockwell Automation
ShareView Details
Matching Score-6
Assigner-Rockwell Automation
CVSS Score-8.7||HIGH
EPSS-0.60% / 44.62%
||
7 Day CHG~0.00%
Published-27 Sep, 2024 | 19:45
Updated-22 Oct, 2025 | 20:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Rockwell Automation Input Validation Vulnerability exists in the SequenceManager™ Server

An input validation vulnerability exists in the Rockwell Automation Sequence Manager™ which could allow a malicious user to send malformed packets to the server and cause a denial-of-service condition. If exploited, the device would become unresponsive, and a manual restart will be required for recovery. Additionally, if exploited, there could be a loss of view for the downstream equipment sequences in the controller. Users would not be able to view the status or command the equipment sequences, however the equipment sequence would continue to execute uninterrupted.

Action-Not Available
Vendor-Rockwell Automation, Inc.
Product-sequencemanagerSequenceManager™sequencemanager
CWE ID-CWE-20
Improper Input Validation
CVE-2024-5988
Matching Score-6
Assigner-Rockwell Automation
ShareView Details
Matching Score-6
Assigner-Rockwell Automation
CVSS Score-9.3||CRITICAL
EPSS-2.65% / 83.81%
||
7 Day CHG~0.00%
Published-25 Jun, 2024 | 15:53
Updated-27 Aug, 2025 | 20:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Rockwell Automation ThinManager® ThinServer™ Improper Input Validation Vulnerability

Due to an improper input validation, an unauthenticated threat actor can send a malicious message to invoke a local or remote executable and cause a remote code execution condition on the Rockwell Automation ThinManager® ThinServer™.

Action-Not Available
Vendor-Rockwell Automation, Inc.
Product-ThinManager® ThinServer™thinmanager
CWE ID-CWE-20
Improper Input Validation
CVE-2024-5989
Matching Score-6
Assigner-Rockwell Automation
ShareView Details
Matching Score-6
Assigner-Rockwell Automation
CVSS Score-9.3||CRITICAL
EPSS-2.39% / 81.95%
||
7 Day CHG~0.00%
Published-25 Jun, 2024 | 16:01
Updated-27 Aug, 2025 | 20:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Rockwell Automation ThinManager® ThinServer™ Improper Input Validation Vulnerability

Due to an improper input validation, an unauthenticated threat actor can send a malicious message to invoke SQL injection into the program and cause a remote code execution condition on the Rockwell Automation ThinManager® ThinServer™.

Action-Not Available
Vendor-Rockwell Automation, Inc.
Product-ThinManager® ThinServer™thinmanager
CWE ID-CWE-20
Improper Input Validation
CVE-2024-5990
Matching Score-6
Assigner-Rockwell Automation
ShareView Details
Matching Score-6
Assigner-Rockwell Automation
CVSS Score-8.7||HIGH
EPSS-2.25% / 80.80%
||
7 Day CHG~0.00%
Published-25 Jun, 2024 | 16:11
Updated-27 Aug, 2025 | 20:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ThinManager® ThinServer™ Improper Input Validation Vulnerability

Due to an improper input validation, an unauthenticated threat actor can send a malicious message to a monitor thread within Rockwell Automation ThinServer™ and cause a denial-of-service condition on the affected device.

Action-Not Available
Vendor-Rockwell Automation, Inc.
Product-ThinManager® ThinServer™thinmanager
CWE ID-CWE-20
Improper Input Validation
CVE-2024-4609
Matching Score-6
Assigner-Rockwell Automation
ShareView Details
Matching Score-6
Assigner-Rockwell Automation
CVSS Score-8.8||HIGH
EPSS-0.65% / 46.73%
||
7 Day CHG~0.00%
Published-16 May, 2024 | 15:13
Updated-30 Jan, 2025 | 15:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Rockwell Automation Datalog Function within in FactoryTalk® View SE contains SQL Injection Vulnerability

A vulnerability exists in the Rockwell Automation FactoryTalk® View SE Datalog function that could allow a threat actor to inject a malicious SQL statement if the SQL database has no authentication in place or if legitimate credentials were stolen. If exploited, the attack could result in information exposure, revealing sensitive information. Additionally, a threat actor could potentially modify and delete the data in a remote database. An attack would only affect the HMI design time, not runtime.

Action-Not Available
Vendor-Rockwell Automation, Inc.
Product-factorytalk_viewFactoryTalk® View SEfactorytalk_view
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2024-37365
Matching Score-6
Assigner-Rockwell Automation
ShareView Details
Matching Score-6
Assigner-Rockwell Automation
CVSS Score-7||HIGH
EPSS-0.23% / 13.25%
||
7 Day CHG~0.00%
Published-12 Nov, 2024 | 14:52
Updated-12 Nov, 2024 | 19:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
FactoryTalk View ME Remote Code Execution Vulnerability via Project Save Path

A remote code execution vulnerability exists in the affected product. The vulnerability allows users to save projects within the public directory allowing anyone with local access to modify and/or delete files. Additionally, a malicious user could potentially leverage this vulnerability to escalate their privileges by changing the macro to execute arbitrary code.

Action-Not Available
Vendor-Rockwell Automation, Inc.
Product-FactoryTalk View Machine Editionfactorytalk_view_machine_edition
CWE ID-CWE-20
Improper Input Validation
CVE-2018-19016
Matching Score-6
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-6
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-7.5||HIGH
EPSS-3.19% / 86.52%
||
7 Day CHG~0.00%
Published-27 Mar, 2019 | 17:20
Updated-05 Aug, 2024 | 11:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Rockwell Automation EtherNet/IP Web Server Modules 1756-EWEB (includes 1756-EWEBK) Version 5.001 and earlier, and CompactLogix 1768-EWEB Version 2.005 and earlier. A remote attacker could send a crafted UDP packet to the SNMP service causing a denial-of-service condition to occur until the affected product is restarted.

Action-Not Available
Vendor-Rockwell Automation, Inc.
Product-ethernet\/ip_web_server_module_1756-ewebethernet\/ip_web_server_module_1768-ewebRockwell Automation EtherNet/IP Web Server Modules 1756-EWEB (includes 1756-EWEBK) Version 5.001 and earlier, and CompactLogix 1768-EWEB Version 2.005 and earlier.
CWE ID-CWE-20
Improper Input Validation
CVE-2023-29464
Matching Score-6
Assigner-Rockwell Automation
ShareView Details
Matching Score-6
Assigner-Rockwell Automation
CVSS Score-8.2||HIGH
EPSS-9.60% / 94.89%
||
7 Day CHG~0.00%
Published-13 Oct, 2023 | 12:57
Updated-17 Sep, 2024 | 16:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Rockwell Automation FactoryTalk Linx Vulnerable to Denial-of-Service and Information Disclosure

FactoryTalk Linx, in the Rockwell Automation PanelView Plus, allows an unauthenticated threat actor to read data from memory via crafted malicious packets. Sending a size larger than the buffer size results in leakage of data from memory resulting in an information disclosure. If the size is large enough, it causes communications over the common industrial protocol to become unresponsive to any type of packet, resulting in a denial-of-service to FactoryTalk Linx over the common industrial protocol.

Action-Not Available
Vendor-Rockwell Automation, Inc.
Product-factorytalk_linxFactoryTalk Linx factorytalk_linx
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-29026
Matching Score-6
Assigner-Rockwell Automation
ShareView Details
Matching Score-6
Assigner-Rockwell Automation
CVSS Score-4.7||MEDIUM
EPSS-0.62% / 45.31%
||
7 Day CHG~0.00%
Published-11 May, 2023 | 17:47
Updated-24 Jan, 2025 | 17:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Rockwell Automation ArmorStart ST Vulnerable to Cross-Site Scripting Attack

A cross site scripting vulnerability was discovered in Rockwell Automation's ArmorStart ST product that could potentially allow a malicious user with admin privileges and network access to view user data and modify the web interface. Additionally, a malicious user could potentially cause interruptions to the availability of the web page.

Action-Not Available
Vendor-Rockwell Automation, Inc.
Product-armorstart_st_281earmorstart_st_284ee_firmwarearmorstart_st_284eearmorstart_st_281e_firmwareArmorStart ST
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2023-2917
Matching Score-6
Assigner-Rockwell Automation
ShareView Details
Matching Score-6
Assigner-Rockwell Automation
CVSS Score-9.8||CRITICAL
EPSS-67.84% / 99.23%
||
7 Day CHG~0.00%
Published-17 Aug, 2023 | 15:10
Updated-08 Oct, 2024 | 16:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Rockwell Automation ThinManager Thinserver Software Vulnerable to Input Validation Vulnerability

The Rockwell Automation Thinmanager Thinserver is impacted by an improper input validation vulnerability.  Due to an improper input validation, a path traversal vulnerability exists, via the filename field, when the ThinManager processes a certain function. If exploited, an unauthenticated remote attacker can upload arbitrary files to any directory on the disk drive where ThinServer.exe is installed.  A malicious user could exploit this vulnerability by sending a crafted synchronization protocol message and potentially gain remote code execution abilities.

Action-Not Available
Vendor-Rockwell Automation, Inc.
Product-thinmanager_thinserverThinManager ThinServerthinmanager_thinserver
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2024-10944
Matching Score-6
Assigner-Rockwell Automation
ShareView Details
Matching Score-6
Assigner-Rockwell Automation
CVSS Score-7.1||HIGH
EPSS-0.50% / 38.92%
||
7 Day CHG~0.00%
Published-12 Nov, 2024 | 17:03
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
FactoryTalk® Updater Remote Code Execution

A Remote Code Execution vulnerability exists in the affected product. The vulnerability requires a high level of permissions and exists due to improper input validation resulting in the possibility of a malicious Updated Agent being deployed.

Action-Not Available
Vendor-Rockwell Automation, Inc.
Product-FactoryTalk Updaterfactorytalk_updater
CWE ID-CWE-20
Improper Input Validation
CVE-2018-0158
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-7.19% / 93.54%
||
7 Day CHG~0.00%
Published-28 Mar, 2018 | 22:00
Updated-14 Jan, 2026 | 18:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-03-17||Apply updates per vendor instructions.

A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a memory leak or a reload of an affected device that leads to a denial of service (DoS) condition. The vulnerability is due to incorrect processing of certain IKEv2 packets. An attacker could exploit this vulnerability by sending crafted IKEv2 packets to an affected device to be processed. A successful exploit could cause an affected device to continuously consume memory and eventually reload, resulting in a DoS condition. Cisco Bug IDs: CSCvf22394.

Action-Not Available
Vendor-n/aCisco Systems, Inc.Rockwell Automation, Inc.
Product-asr_1001-hxasr_1004asr_1013iosasr_1009-xasr_1006-xasr_1006ios_xeallen-bradley_stratix_5900asr_1002-xasr_1001-xasr_1002-hxCisco IOS and IOS XEIOS Software and Cisco IOS XE Software
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2018-0173
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-7.61% / 93.82%
||
7 Day CHG~0.00%
Published-28 Mar, 2018 | 22:00
Updated-14 Jan, 2026 | 18:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-03-17||Apply updates per vendor instructions.

A vulnerability in the Cisco IOS Software and Cisco IOS XE Software function that restores encapsulated option 82 information in DHCP Version 4 (DHCPv4) packets could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a Relay Reply denial of service (DoS) condition. The vulnerability exists because the affected software performs incomplete input validation of encapsulated option 82 information that it receives in DHCPOFFER messages from DHCPv4 servers. An attacker could exploit this vulnerability by sending a crafted DHCPv4 packet to an affected device, which the device would then forward to a DHCPv4 server. When the affected software processes the option 82 information that is encapsulated in the response from the server, an error could occur. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. Cisco Bug IDs: CSCvg62754.

Action-Not Available
Vendor-n/aCisco Systems, Inc.Rockwell Automation, Inc.
Product-4431_integrated_services_routercloud_services_router_1000vallen-bradley_stratix_8300allen-bradley_stratix_5410asr_1000_series_route_processor_\(rp2\)asr_1001-xasr_1002-hxallen-bradley_stratix_5700asr_1001-hx4351_integrated_services_routerallen-bradley_stratix_8000allen-bradley_stratix_5400iosios_xe4321_integrated_services_routerasr_1002-x4451-x_integrated_services_router4331_integrated_services_routerasr_1000_series_route_processor_\(rp3\)allen-bradley_armorstratix_5700Cisco IOS and IOS XEIOS and IOS XE Software
CWE ID-CWE-20
Improper Input Validation
CVE-2017-9312
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-4.45% / 90.25%
||
7 Day CHG~0.00%
Published-25 Jun, 2018 | 15:00
Updated-16 Sep, 2024 | 23:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improperly implemented option-field processing in the TCP/IP stack on Allen-Bradley L30ERMS safety devices v30 and earlier causes a denial of service. When a crafted TCP packet is received, the device reboots immediately.

Action-Not Available
Vendor-n/aRockwell Automation, Inc.
Product-allen-bradley_l30ermsallen-bradley_l30erms_firmwaren/a
CWE ID-CWE-20
Improper Input Validation
CVE-2017-7924
Matching Score-6
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-6
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-7.5||HIGH
EPSS-22.18% / 97.38%
||
7 Day CHG~0.00%
Published-20 Sep, 2017 | 16:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An Improper Input Validation issue was discovered in Rockwell Automation MicroLogix 1100 controllers 1763-L16BWA, 1763-L16AWA, 1763-L16BBB, and 1763-L16DWD. A remote, unauthenticated attacker could send a single, specially crafted Programmable Controller Communication Commands (PCCC) packet to the controller that could potentially cause the controller to enter a DoS condition.

Action-Not Available
Vendor-n/aRockwell Automation, Inc.
Product-1763-l16awa1763-l16dwd1763-l16bbb1763-l16bwa1763-l16bwa_firmware1763-l16awa_firmware1763-l16bbb_firmware1763-l16dwd_firmwareRockwell Automation MicroLogix 1100 Controllers
CWE ID-CWE-20
Improper Input Validation
CVE-2017-14022
Matching Score-6
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-6
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-7.5||HIGH
EPSS-4.22% / 89.78%
||
7 Day CHG~0.00%
Published-23 Dec, 2017 | 00:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An Improper Input Validation issue was discovered in Rockwell Automation FactoryTalk Alarms and Events, Version 2.90 and earlier. An unauthenticated attacker with remote access to a network with FactoryTalk Alarms and Events can send a specially crafted set of packets packet to Port 403/TCP (the history archiver service), causing the service to either stall or terminate.

Action-Not Available
Vendor-n/aRockwell Automation, Inc.
Product-factorytalk_alarms_and_eventsRockwell Automation FactoryTalk Alarms and Events
CWE ID-CWE-20
Improper Input Validation
CVE-2017-12088
Matching Score-6
Assigner-Talos
ShareView Details
Matching Score-6
Assigner-Talos
CVSS Score-8.6||HIGH
EPSS-4.54% / 90.40%
||
7 Day CHG~0.00%
Published-05 Apr, 2018 | 21:00
Updated-16 Sep, 2024 | 17:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An exploitable denial of service vulnerability exists in the Ethernet functionality of the Allen Bradley Micrologix 1400 Series B FRN 21.2 and below. A specially crafted packet can cause a device power cycle resulting in a fault state and deletion of ladder logic. An attacker can send one unauthenticated packet to trigger this vulnerability

Action-Not Available
Vendor-Talos (Cisco Systems, Inc.)Rockwell Automation, Inc.
Product-micrologix_1400micrologix_1400_b_firmwareAllen Bradley
CWE ID-CWE-20
Improper Input Validation
CVE-2018-0172
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-7.82% / 93.95%
||
7 Day CHG~0.00%
Published-28 Mar, 2018 | 22:00
Updated-14 Jan, 2026 | 18:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-03-17||Apply updates per vendor instructions.

A vulnerability in the DHCP option 82 encapsulation functionality of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability exists because the affected software performs incomplete input validation of option 82 information that it receives in DHCP Version 4 (DHCPv4) packets from DHCP relay agents. An attacker could exploit this vulnerability by sending a crafted DHCPv4 packet to an affected device. A successful exploit could allow the attacker to cause a heap overflow condition on the affected device, which will cause the device to reload and result in a DoS condition. Cisco Bug IDs: CSCvg62730.

Action-Not Available
Vendor-n/aCisco Systems, Inc.Rockwell Automation, Inc.
Product-allen-bradley_stratix_8000allen-bradley_stratix_5400allen-bradley_stratix_8300allen-bradley_stratix_5410iosios_xeallen-bradley_stratix_5700allen-bradley_armorstratix_5700Cisco IOS and IOS XEIOS and IOS XE Software
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-8007
Matching Score-6
Assigner-Rockwell Automation
ShareView Details
Matching Score-6
Assigner-Rockwell Automation
CVSS Score-7.1||HIGH
EPSS-0.24% / 14.91%
||
7 Day CHG~0.00%
Published-09 Sep, 2025 | 12:29
Updated-17 Sep, 2025 | 15:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Rockwell Automation 1756-ENT2R, EN4TR, EN4TRXT Vulnerability

A security issue exists in the protected mode of 1756-EN4TR and 1756-EN2TR communication modules, where a Concurrent Forward Close operation can trigger a Major Non-Recoverable (MNFR) fault. This condition may lead to unexpected system crashes and loss of device availability.

Action-Not Available
Vendor-Rockwell Automation, Inc.
Product-1756-en4tr_firmware1756-en2tr_series_a_firmware1756-en2tr_series_c1756-en2tr_series_c_firmware1756-en2tr_series_b1756-en4trxt_firmware1756-en2tr_series_a1756-en4trxt1756-en4tr1756-en2tr_series_b_firmware1756-ENT2R, 1756-EN4TR, 1756-EN4TRXT
CWE ID-CWE-20
Improper Input Validation
CVE-2025-6377
Matching Score-6
Assigner-Rockwell Automation
ShareView Details
Matching Score-6
Assigner-Rockwell Automation
CVSS Score-7.1||HIGH
EPSS-0.21% / 10.57%
||
7 Day CHG~0.00%
Published-09 Jul, 2025 | 20:12
Updated-11 Jul, 2025 | 18:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Arena® Simulation Out-Of-Bounds Write Remote Code Execution Vulnerability

A remote code execution security issue exists in the Rockwell Automation Arena®.  A crafted DOE file can force Arena Simulation to write beyond the boundaries of an allocated object. Exploitation requires user interaction, such as opening a malicious file within the software. If exploited, a threat actor could execute arbitrary code on the target system. The software must run under the context of the administrator in order to cause worse case impact. This is reflected in the Rockwell CVSS score, as AT:P.

Action-Not Available
Vendor-Rockwell Automation, Inc.
Product-arenaArena®
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-6376
Matching Score-6
Assigner-Rockwell Automation
ShareView Details
Matching Score-6
Assigner-Rockwell Automation
CVSS Score-7.1||HIGH
EPSS-0.21% / 10.57%
||
7 Day CHG~0.00%
Published-09 Jul, 2025 | 20:13
Updated-11 Jul, 2025 | 18:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Arena® Simulation Out-Of-Bounds Write Remote Code Execution Vulnerability

A remote code execution security issue exists in the Rockwell Automation Arena®.  A crafted DOE file can force Arena Simulation to write beyond the boundaries of an allocated object. Exploitation requires user interaction, such as opening a malicious file within the software. If exploited, a threat actor could execute arbitrary code on the target system. The software must run under the context of the administrator in order to cause worse case impact. This is reflected in the Rockwell CVSS score, as AT:P.

Action-Not Available
Vendor-Rockwell Automation, Inc.
Product-arenaArena®
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-787
Out-of-bounds Write
CVE-2014-5410
Matching Score-6
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-6
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-7.1||HIGH
EPSS-4.17% / 89.67%
||
7 Day CHG~0.00%
Published-03 Oct, 2014 | 18:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Rockwell Automation Micrologix 1400 Improper Input Validation

The DNP3 feature on Rockwell Automation Allen-Bradley MicroLogix 1400 1766-Lxxxxx A FRN controllers 7 and earlier and 1400 1766-Lxxxxx B FRN controllers before 15.001 allows remote attackers to cause a denial of service (process disruption) via malformed packets over (1) an Ethernet network or (2) a serial line.

Action-Not Available
Vendor-Rockwell Automation, Inc.
Product-ab_micrologix_controllerAllen-Bradley MicroLogix 1400
CWE ID-CWE-20
Improper Input Validation
CVE-2023-2071
Matching Score-6
Assigner-Rockwell Automation
ShareView Details
Matching Score-6
Assigner-Rockwell Automation
CVSS Score-9.8||CRITICAL
EPSS-10.97% / 95.35%
||
7 Day CHG~0.00%
Published-12 Sep, 2023 | 13:12
Updated-25 Sep, 2024 | 20:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
FactoryTalk View Machine Edition Vulnerable to Remote Code Execution

Rockwell Automation FactoryTalk View Machine Edition on the PanelView Plus, improperly verifies user’s input, which allows unauthenticated attacker to achieve remote code executed via crafted malicious packets.  The device has the functionality, through a CIP class, to execute exported functions from libraries.  There is a routine that restricts it to execute specific functions from two dynamic link library files.  By using a CIP class, an attacker can upload a self-made library to the device which allows the attacker to bypass the security check and execute any code written in the function.

Action-Not Available
Vendor-Rockwell Automation, Inc.
Product-panelview_plusfactorytalk_viewFa
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2018-0174
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-7.61% / 93.82%
||
7 Day CHG~0.00%
Published-28 Mar, 2018 | 22:00
Updated-14 Jan, 2026 | 18:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-03-17||Apply updates per vendor instructions.

A vulnerability in the DHCP option 82 encapsulation functionality of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability exists because the affected software performs incomplete input validation of option 82 information that it receives in DHCP Version 4 (DHCPv4) packets from DHCP relay agents. An attacker could exploit this vulnerability by sending a crafted DHCPv4 packet to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. Cisco Bug IDs: CSCuh91645.

Action-Not Available
Vendor-n/aCisco Systems, Inc.Rockwell Automation, Inc.
Product-allen-bradley_stratix_8000allen-bradley_stratix_5400allen-bradley_stratix_8300iosios_xeallen-bradley_stratix_54107600_series_supervisor_engine_327600_series_route_switch_processor_7207600_series_supervisor_engine_720allen-bradley_stratix_5700allen-bradley_armorstratix_5700Cisco IOS and IOS XEIOS XE Software
CWE ID-CWE-20
Improper Input Validation
CVE-2020-6998
Matching Score-6
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-6
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-5.8||MEDIUM
EPSS-1.82% / 76.13%
||
7 Day CHG+0.08%
Published-27 Jul, 2022 | 20:18
Updated-17 Apr, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Rockwell Automation CompactLogix 5370 and ControlLogix 5570 Controllers Improper Input Validation

The connection establishment algorithm found in Rockwell Automation CompactLogix 5370 and ControlLogix 5570 versions 33 and prior does not sufficiently manage its control flow during execution, creating an infinite loop. This may allow an attacker to send specially crafted CIP packet requests to a controller, which may cause denial-of-service conditions in communications with other products.

Action-Not Available
Vendor-Rockwell Automation, Inc.
Product-guardlogix_5580controllogix_5570_firmwarearmor_compact_guardlogix_5370guardlogix_5560_firmwarecompactlogix_5370_l3_firmwarecontrollogix_5570compactlogix_5370_l2guardlogix_5580_firmwareguardlogix_5570compactlogix_5370_l1compact_guardlogix_5370compactlogix_5370_l2_firmwarecompact_guardlogix_5370_firmwareguardlogix_5560guardlogix_5570_firmwarearmor_compact_guardlogix_5370_firmwarecompactlogix_5370_l3compactlogix_5370_l1_firmwareControlLogix 5570 controllersArmor Compact GuardLogix 5370 controllersArmor GuardLogix Safety ControllersCompactLogix 5370 L2 controllersCompactLogix 5370 L3 controllersCompactLogix 5370 L1 controllersCompact GuardLogix 5370 controllers
CWE ID-CWE-20
Improper Input Validation
CVE-2020-12029
Matching Score-6
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-6
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-9||CRITICAL
EPSS-44.98% / 98.63%
||
7 Day CHG~0.00%
Published-20 Jul, 2020 | 14:56
Updated-16 Sep, 2024 | 22:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Rockwell Automation FactoryTalk View SE

All versions of FactoryTalk View SE do not properly validate input of filenames within a project directory. A remote, unauthenticated attacker may be able to execute a crafted file on a remote endpoint that may result in remote code execution (RCE). Rockwell Automation recommends applying patch 1126289. Before installing this patch, the patch rollup dated 06 Apr 2020 or later MUST be applied. 1066644 – Patch Roll-up for CPR9 SRx.

Action-Not Available
Vendor-Rockwell Automation, Inc.
Product-factorytalk_viewFactoryTalk View SE
CWE ID-CWE-20
Improper Input Validation
CVE-2020-11999
Matching Score-6
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-6
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-8.1||HIGH
EPSS-2.80% / 84.76%
||
7 Day CHG~0.00%
Published-15 Jun, 2020 | 19:11
Updated-04 Aug, 2024 | 11:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

FactoryTalk Linx versions 6.00, 6.10, and 6.11, RSLinx Classic v4.11.00 and prior,Connected Components Workbench: Version 12 and prior, ControlFLASH: Version 14 and later, ControlFLASH Plus: Version 1 and later, FactoryTalk Asset Centre: Version 9 and later, FactoryTalk Linx CommDTM: Version 1 and later, Studio 5000 Launcher: Version 31 and later Stud, 5000 Logix Designer software: Version 32 and prior is vulnerable. An exposed API call allows users to provide files to be processed without sanitation. This may allow an attacker to specify a filename to execute unauthorized code and modify files or data.

Action-Not Available
Vendor-n/aRockwell Automation, Inc.
Product-factorytalk_linxrslinx_classicFactoryTalk Linx, RSLinx Classic, Connected Components Workbench, ControlFLASH Plus, FactoryTalk Asset Centre, FactoryTalk Linx CommDTM, Studio 5000 Launcher, Studio 5000 Logix Designer software
CWE ID-CWE-20
Improper Input Validation
CVE-2020-12033
Matching Score-6
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-6
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-8.8||HIGH
EPSS-1.10% / 61.63%
||
7 Day CHG~0.00%
Published-23 Jun, 2020 | 21:45
Updated-04 Aug, 2024 | 11:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Rockwell Automation FactoryTalk Services Platform, all versions, the redundancy host service (RdcyHost.exe) does not validate supplied identifiers, which could allow an unauthenticated, adjacent attacker to execute remote COM objects with elevated privileges.

Action-Not Available
Vendor-n/aRockwell Automation, Inc.
Product-factorytalk_services_platformRockwell Automation FactoryTalk Services Platform
CWE ID-CWE-20
Improper Input Validation
CVE-2025-26702
Matching Score-4
Assigner-ZTE Corporation
ShareView Details
Matching Score-4
Assigner-ZTE Corporation
CVSS Score-4.9||MEDIUM
EPSS-0.36% / 27.77%
||
7 Day CHG~0.00%
Published-11 Mar, 2025 | 07:04
Updated-19 Mar, 2025 | 14:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper Input Validation vulnerability in ZTE GoldenDB allows Input Data Manipulation.This issue affects GoldenDB: from 6.1.03 through 6.1.03.04.

Action-Not Available
Vendor-ZTE Corporation
Product-goldendbGoldenDB
CWE ID-CWE-20
Improper Input Validation
CVE-2025-26858
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-8.6||HIGH
EPSS-0.45% / 35.85%
||
7 Day CHG+0.02%
Published-01 Dec, 2025 | 15:25
Updated-05 Dec, 2025 | 20:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability exists in the Modbus TCP functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted set of network packets can lead to denial of service. An attacker can send a sequence of unauthenticated packets to trigger this vulnerability.

Action-Not Available
Vendor-socomecSocomec
Product-diris_m-70diris_m-70_firmwareDIRIS Digiware M-70
CWE ID-CWE-20
Improper Input Validation
CVE-2025-26413
Matching Score-4
Assigner-Apache Software Foundation
ShareView Details
Matching Score-4
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-0.61% / 44.96%
||
7 Day CHG~0.00%
Published-22 Apr, 2025 | 07:07
Updated-23 Jun, 2025 | 19:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache Kvrocks: The server was crashed by the negative offset

Improper Input Validation vulnerability in Apache Kvrocks. The SETRANGE command didn't check if the `offset` input is a positive integer and use it as an index of a string. So it will cause the server to crash due to its index is  out of range. This issue affects Apache Kvrocks: through 2.11.1. Users are recommended to upgrade to version 2.12.0, which fixes the issue.

Action-Not Available
Vendor-The Apache Software Foundation
Product-kvrocksApache Kvrocks
CWE ID-CWE-20
Improper Input Validation
CVE-2025-26488
Matching Score-4
Assigner-EU Agency for Cybersecurity (ENISA)
ShareView Details
Matching Score-4
Assigner-EU Agency for Cybersecurity (ENISA)
CVSS Score-7.5||HIGH
EPSS-0.32% / 23.62%
||
7 Day CHG~0.00%
Published-08 Dec, 2025 | 08:52
Updated-22 Dec, 2025 | 18:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper input validation in XML Management service in Infinera MTC-9

Improper Input Validation vulnerability in Infinera MTC-9 allows remote unauthenticated users to crash the service and cause a reboot of the appliance, thus causing a DoS condition, via crafted XML payloads.This issue affects MTC-9: from R22.1.1.0275 before R23.0.

Action-Not Available
Vendor-InfineraNokia Corporation
Product-infinera_mtc-9_firmwareinfinera_mtc-9MTC-9
CWE ID-CWE-20
Improper Input Validation
CVE-2025-26780
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.34% / 26.26%
||
7 Day CHG-0.00%
Published-07 Jul, 2025 | 00:00
Updated-27 Oct, 2025 | 16:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in L2 in Samsung Mobile Processor and Modem Exynos 2400 and Modem 5400. The lack of a length check leads to a Denial of Service via a malformed PDCP packet.

Action-Not Available
Vendor-n/aSamsung
Product-exynos_2400_firmwaremodem_5400_firmwareexynos_2400modem_5400n/a
CWE ID-CWE-20
Improper Input Validation
CVE-2025-24970
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-7.5||HIGH
EPSS-1.97% / 77.96%
||
7 Day CHG~0.00%
Published-10 Feb, 2025 | 21:57
Updated-16 Apr, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SslHandler doesn't correctly validate packets which can lead to native crash when using native SSLEngine

Netty, an asynchronous, event-driven network application framework, has a vulnerability starting in version 4.1.91.Final and prior to version 4.1.118.Final. When a special crafted packet is received via SslHandler it doesn't correctly handle validation of such a packet in all cases which can lead to a native crash. Version 4.1.118.Final contains a patch. As workaround its possible to either disable the usage of the native SSLEngine or change the code manually.

Action-Not Available
Vendor-The Netty Project
Product-netty
CWE ID-CWE-20
Improper Input Validation
CVE-2019-1687
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-6.8||MEDIUM
EPSS-2.90% / 85.24%
||
7 Day CHG~0.00%
Published-03 May, 2019 | 15:00
Updated-21 Nov, 2024 | 19:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software TCP Proxy Denial of Service Vulnerability

A vulnerability in the TCP proxy functionality for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. The vulnerability is due to an error in TCP-based packet inspection, which could cause the TCP packet to have an invalid Layer 2 (L2)-formatted header. An attacker could exploit this vulnerability by sending a crafted TCP packet sequence to the targeted device. A successful exploit could allow the attacker to cause a DoS condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-asa_5550asa_5545-xasa_5505asa_5540adaptive_security_appliance_softwareasa_5555-xasa_5520asa_5510asa_5525-xasa_5580asa_5585-xasa_5512-xfirepower_threat_defenseasa_5515-xCisco Adaptive Security Appliance (ASA) Software
CWE ID-CWE-20
Improper Input Validation
CVE-2019-16141
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.58% / 72.58%
||
7 Day CHG~0.00%
Published-09 Sep, 2019 | 11:55
Updated-05 Aug, 2024 | 01:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in the once_cell crate before 1.0.1 for Rust. There is a panic during initialization of Lazy.

Action-Not Available
Vendor-once_cell_projectn/a
Product-once_celln/a
CWE ID-CWE-20
Improper Input Validation
  • Previous
  • 1
  • 2
  • 3
  • 4
  • ...
  • 16
  • 17
  • Next
Details not found