Page 5 of 32 results (0.004 seconds)

CVSS: 8.7EPSS: 0%CPEs: 6EXPL: 0

A privilege escalation vulnerability exists in the affected products which could allow a malicious user with basic privileges to access functions which should only be available to users with administrative level privileges. If exploited, an attacker could read sensitive data, and create users. For example, a malicious user with basic privileges could perform critical functions such as creating a user with elevated privileges and reading sensitive information in the “views” section. • https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1681.html • CWE-732: Incorrect Permission Assignment for Critical Resource •

CVSS: 8.7EPSS: 0%CPEs: 6EXPL: 0

Due to an improper input validation, an unauthenticated threat actor can send a malicious message to a monitor thread within Rockwell Automation ThinServer™ and cause a denial-of-service condition on the affected device. • https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1677.html • CWE-20: Improper Input Validation •

CVSS: 9.3EPSS: 0%CPEs: 7EXPL: 0

Due to an improper input validation, an unauthenticated threat actor can send a malicious message to invoke SQL injection into the program and cause a remote code execution condition on the Rockwell Automation ThinManager® ThinServer™. • https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1677.html • CWE-20: Improper Input Validation •

CVSS: 9.3EPSS: 0%CPEs: 7EXPL: 0

Due to an improper input validation, an unauthenticated threat actor can send a malicious message to invoke a local or remote executable and cause a remote code execution condition on the Rockwell Automation ThinManager® ThinServer™. • https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1677.html • CWE-20: Improper Input Validation •

CVSS: 8.5EPSS: 0%CPEs: 1EXPL: 0

A privilege escalation vulnerability exists in the affected product. The vulnerability allows low-privilege users to edit scripts, bypassing Access Control Lists, and potentially gaining further access within the system. Existe una vulnerabilidad de escalada de privilegios en el producto afectado. La vulnerabilidad permite a los usuarios con pocos privilegios editar scripts, eludir las listas de control de acceso y potencialmente obtener más acceso dentro del sistema. • https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1674.html • CWE-732: Incorrect Permission Assignment for Critical Resource •