CVSS: 9.3EPSS: 2%CPEs: 5EXPL: 0CVE-2016-5814 – Rockwell Automation RSLogix Micro Starter Lite Project File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2016-5814
Buffer overflow in Rockwell Automation RSLogix Micro Starter Lite, RSLogix Micro Developer, RSLogix 500 Starter Edition, RSLogix 500 Standard Edition, and RSLogix 500 Professional Edition allows remote attackers to execute arbitrary code via a crafted RSS project file. Desbordamiento de búfer en Rockwell Automation RSLogix Micro Starter Lite, RSLogix Micro Developer, RSLogix 500 Starter Edition, RSLogix 500 Standard Edition y RSLogix 500 Professional Edition permite a atacantes remotos ejecutar código arbitrario a través de un archivo de proyecto RSS manipulado. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Rockwell Automation RSLogix Micro Starter Lite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of a RSS (project) file. The issue lies in the failure to properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. • http://www.securityfocus.com/bid/92983 https://ics-cert.us-cert.gov/advisories/ICSA-16-224-02 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 13%CPEs: 6EXPL: 0CVE-2016-5645
https://notcve.org/view.php?id=CVE-2016-5645
Rockwell Automation MicroLogix 1400 PLC 1766-L32BWA, 1766-L32AWA, 1766-L32BXB, 1766-L32BWAA, 1766-L32AWAA, and 1766-L32BXBA devices have a hardcoded SNMP community, which makes it easier for remote attackers to load arbitrary firmware updates by leveraging knowledge of this community. Dispositivos Rockwell Automation MicroLogix 1400 PLC 1766-L32BWA, 1766-L32AWA, 1766-L32BXB, 1766-L32BWAA, 1766-L32AWAA y 1766-L32BXBA tienen una comunidad SNMP codificada, lo que facilita a atacantes remotos cargar actualizaciones de firmware arbitrarias aprovechando el conocimiento de esta comunidad. • http://www.securityfocus.com/bid/92428 https://ics-cert.us-cert.gov/advisories/ICSA-16-224-01 • CWE-284: Improper Access Control •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-4522
https://notcve.org/view.php?id=CVE-2016-4522
SQL injection vulnerability in Rockwell Automation FactoryTalk EnergyMetrix before 2.20.00 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Vulnerabilidad de inyección SQL en Rockwell Automation FactoryTalk EnergyMetrix en versiones anteriores a 2.20.00 permite a atacantes remotos ejecutar comandos SQL arbitrarios a través de vectores no especificados. • http://www.securityfocus.com/bid/92135 https://ics-cert.us-cert.gov/advisories/ICSA-16-173-03 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-4531
https://notcve.org/view.php?id=CVE-2016-4531
Rockwell Automation FactoryTalk EnergyMetrix before 2.20.00 does not invalidate credentials upon a logout action, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation. Rockwell Automation FactoryTalk EnergyMetrix en versiones anteriores a 2.20.00 no invalida credenciales sobre una acción de cierre de sesión, lo que facilita a atacantes remotos obtener acceso aprovechando una estación de servicio desatendida. • http://www.securityfocus.com/bid/92135 https://ics-cert.us-cert.gov/advisories/ICSA-16-173-03 • CWE-285: Improper Authorization •
CVSS: 6.9EPSS: 0%CPEs: 3EXPL: 0CVE-2016-2277
https://notcve.org/view.php?id=CVE-2016-2277
IAB.exe in Rockwell Automation Integrated Architecture Builder (IAB) before 9.6.0.8 and 9.7.x before 9.7.0.2 allows remote attackers to execute arbitrary code via a crafted project file. IAB.exe en Rockwell Automation Integrated Architecture Builder (IAB) en versiones anteriores a 9.6.0.8 y 9.7.x en versiones anteriores a 9.7.0.2 permite a atacantes remotos ejecutar código arbitrario a través de un archivo project manipulado. • https://ics-cert.us-cert.gov/advisories/ICSA-16-056-01 • CWE-284: Improper Access Control •