
CVSS: 8.1 • EPSS: 1% • CPEs: 1 • EXPL: 0

27 Oct 2023 — Due to inadequate code logic, a previously unauthenticated threat actor could potentially obtain a local Windows OS user token through the FactoryTalk® Services Platform web service and then use the token to log in to FactoryTalk® Services Platform. This vulnerability can only be exploited if the authorized user did not previously log in to the FactoryTalk® Services Platform web service. • https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1141165 • CWE-287: Improper Authentication

CVSS: 9.4 • EPSS: 5% • CPEs: 2 • EXPL: 0

13 Oct 2023 — FactoryTalk Linx, in the Rockwell Automation PanelView Plus, allows an unauthenticated threat actor to read data from memory via crafted malicious packets. Sending a size larger than the buffer size results in leakage of data from memory, resulting in an information disclosure. If the size is large enough, it causes communications over the Common Industrial Protocol (CIP) to become unresponsive to any type of packet, resulting in a denial of service to FactoryTalk Linx over CIP. FactoryT... • https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1141040 • CWE-20: Improper Input Validation CWE-787: Out-of-bounds Write

CVSS: 10.0 • EPSS: 5% • CPEs: 66 • EXPL: 0

20 Sep 2023 — A buffer overflow vulnerability exists in select Rockwell Automation 1756-EN* communication devices. If exploited, a threat actor could potentially leverage this vulnerability to perform remote code execution. To exploit this vulnerability, a threat actor would have to send a maliciously crafted CIP request to the device. • https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1140786 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write

CVSS: 8.8 • EPSS: 0% • CPEs: 1 • EXPL: 0

12 Sep 2023 — The JMX Console within Rockwell Automation Pavilion8 is exposed to application users and does not require authentication. If exploited, a malicious user could potentially retrieve other application users' session data and/or log users out of their session. • https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1140590 • CWE-287: Improper Authentication

CVSS: 10.0 • EPSS: 0% • CPEs: 2 • EXPL: 0

12 Sep 2023 — Rockwell Automation FactoryTalk View Machine Edition on the PanelView Plus improperly verifies user input, which allows an unauthenticated attacker to achieve remote code execution via crafted malicious packets. The device has the functionality, through a CIP class, to execute exported functions from libraries. There is a routine that restricts it to executing specific functions from two dynamic link library files. By using a CIP class, an attacker can upload a self-made library to the device which allows the ... • https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1140724 • CWE-20: Improper Input Validation CWE-434: Unrestricted Upload of File with Dangerous Type

CVSS: 10.0 • EPSS: 3% • CPEs: 7 • EXPL: 0

17 Aug 2023 — The Rockwell Automation ThinManager ThinServer is impacted by an improper input validation vulnerability. Due to the improper input validation, a path traversal vulnerability exists via the filename field when ThinManager processes a certain function. If exploited, an unauthenticated remote attacker can upload arbitrary files to any directory on the disk drive where ThinServer.exe is installed. A malicious user could exploit this vulnerability by sending a crafted synchronization protocol message and p... • https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1140471 • CWE-20: Improper Input Validation CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CVSS: 9.4 • EPSS: 0% • CPEs: 7 • EXPL: 0

17 Aug 2023 — The Rockwell Automation ThinManager ThinServer is impacted by an improper input validation vulnerability. Due to improper input validation, a path traversal vulnerability exists when the ThinManager software processes a certain function. If exploited, an unauthenticated remote threat actor can delete arbitrary files with system privileges. A malicious user could exploit this vulnerability by sending a specifically crafted synchronization protocol message, resulting in a denial-of-service condition. • https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1140471 • CWE-20: Improper Input Validation CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CVSS: 7.8 • EPSS: 1% • CPEs: 7 • EXPL: 0

17 Aug 2023 — The Rockwell Automation ThinManager ThinServer is impacted by an improper input validation vulnerability: an integer overflow condition exists in the affected products. When ThinManager processes incoming messages, a read access violation occurs and terminates the process. A malicious user could exploit this vulnerability by sending a crafted synchronization protocol message, causing a denial-of-service condition in the software. • https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1140471 • CWE-20: Improper Input Validation CWE-190: Integer Overflow or Wraparound

CVSS: 8.6 • EPSS: 0% • CPEs: 2 • EXPL: 0

08 Aug 2023 — A vulnerability was discovered in the Rockwell Automation Armor PowerFlex device when the product sends communications to the local event log. Threat actors could exploit this vulnerability by sending an influx of network commands, causing the product to generate event log traffic at a high rate. If exploited, the product would stop normal operations and self-reset, creating a denial-of-service condition. The error code would need to be cleared prior to resuming normal operations. • https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1140371 • CWE-682: Incorrect Calculation

CVSS: 7.5 • EPSS: 0% • CPEs: 1 • EXPL: 0

18 Jul 2023 — An executable used in Rockwell Automation ThinManager ThinServer can be configured to enable an API feature in the HTTPS Server Settings. This feature is disabled by default. When the API is enabled and handling requests, a path traversal vulnerability exists that allows a remote actor to leverage the privileges of the server's file system and read arbitrary files stored on it. A malicious user could exploit this vulnerability by requesting a path that contains manipulated variables. • https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1140160 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-23: Relative Path Traversal