Page 2 of 32 results (0.004 seconds)

CVSS: 8.7EPSS: 0%CPEs: 4EXPL: 0

Due to a memory leak, a denial-of-service vulnerability exists in the Rockwell Automation affected products. A malicious actor could exploit this vulnerability by performing multiple actions on certain web pages of the product causing the affected products to become fully unavailable and require a power cycle to recover. • https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1706.html • CWE-400: Uncontrolled Resource Consumption •

CVSS: 8.2EPSS: 0%CPEs: 3EXPL: 0

A denial-of-service vulnerability exists in the Rockwell Automation PowerFlex® 600T. If the device is overloaded with requests, it will become unavailable. The device may require a power cycle to recover it if it does not re-establish a connection after it stops receiving requests. • https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1705.html • CWE-754: Improper Check for Unusual or Exceptional Conditions •

CVSS: 8.7EPSS: 0%CPEs: 1EXPL: 0

An input validation vulnerability exists in the Rockwell Automation Sequence Managerâ„¢ which could allow a malicious user to send malformed packets to the server and cause a denial-of-service condition. If exploited, the device would become unresponsive, and a manual restart will be required for recovery. Additionally, if exploited, there could be a loss of view for the downstream equipment sequences in the controller. Users would not be able to view the status or command the equipment sequences, however the equipment sequence would continue to execute uninterrupted. • https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1679.html • CWE-20: Improper Input Validation •

CVSS: 8.6EPSS: 0%CPEs: 1EXPL: 0

A path traversal vulnerability exists in the Rockwell Automation affected product. If exploited, the threat actor could upload arbitrary files to the server that could result in a remote code execution. • https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1695.html • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

The Rockwell Automation affected product contains a vulnerability that allows a threat actor to view sensitive information and change settings. The vulnerability exists due to having an incorrect privilege matrix that allows users to have access to functions they should not. • https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1695.html • CWE-269: Improper Privilege Management •