CVSS: 7.8EPSS: 26%CPEs: 6EXPL: 0CVE-2023-27857 – Rockwell Automation ThinManager ThinServer Heap-Based Buffer Overflow
https://notcve.org/view.php?id=CVE-2023-27857
22 Mar 2023 — In affected versions, a heap-based buffer over-read condition occurs when the message field indicates more data than is present in the message field in Rockwell Automation's ThinManager ThinServer. An unauthenticated remote attacker can exploit this vulnerability to crash ThinServer.exe due to a read access violation. • https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1138640 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 64%CPEs: 8EXPL: 0CVE-2023-27856 – Rockwell Automation ThinManager ThinServer Path Traversal Download
https://notcve.org/view.php?id=CVE-2023-27856
21 Mar 2023 — In affected versions, path traversal exists when processing a message of type 8 in Rockwell Automation's ThinManager ThinServer. An unauthenticated remote attacker can exploit this vulnerability to download arbitrary files on the disk drive where ThinServer.exe is installed. • https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1138640 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 10.0EPSS: 53%CPEs: 8EXPL: 0CVE-2023-27855 – Rockwell Automation ThinManager ThinServer Path Traversal Upload
https://notcve.org/view.php?id=CVE-2023-27855
21 Mar 2023 — In affected versions, a path traversal exists when processing a message in Rockwell Automation's ThinManager ThinServer. An unauthenticated remote attacker could potentially exploit this vulnerability to upload arbitrary files to any directory on the disk drive where ThinServer.exe is installed. The attacker could overwrite existing executable files with attacker-controlled, malicious contents, potentially causing remote code execution. • https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1138640 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-0027 – Rockwell Automation Modbus TCP AOI Server Could Leak Sensitive Information
https://notcve.org/view.php?id=CVE-2023-0027
17 Mar 2023 — Rockwell Automation Modbus TCP Server AOI prior to 2.04.00 is vulnerable to an unauthorized user sending a malformed message that could cause the controller to respond with a copy of the most recent response to the last valid request. If exploited, an unauthorized user could read the connected device’s Modbus TCP Server AOI information. • https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1138766 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 10.0EPSS: 0%CPEs: 9EXPL: 0CVE-2023-0754
https://notcve.org/view.php?id=CVE-2023-0754
23 Feb 2023 — The affected products are vulnerable to an integer overflow or wraparound, which could allow an attacker to crash the server and remotely execute arbitrary code. The affected products are vulnerable to an integer overflow or wraparound, which could allow an attacker to crash the server and remotely execute arbitrary code. • https://www.cisa.gov/uscert/ics/advisories/icsa-23-054-01 • CWE-190: Integer Overflow or Wraparound •
CVSS: 10.0EPSS: 1%CPEs: 9EXPL: 0CVE-2023-0755
https://notcve.org/view.php?id=CVE-2023-0755
23 Feb 2023 — The affected products are vulnerable to an improper validation of array index, which could allow an attacker to crash the server and remotely execute arbitrary code. • https://www.cisa.gov/uscert/ics/advisories/icsa-23-054-01 • CWE-129: Improper Validation of Array Index •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-3156 – Rockwell Automation Studio 5000 Logix Emulate Vulnerable to a Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-3156
27 Dec 2022 — A remote code execution vulnerability exists in Rockwell Automation Studio 5000 Logix Emulate software. Users are granted elevated permissions on certain product services when the software is installed. Due to this misconfiguration, a malicious user could potentially achieve remote code execution on the targeted software. Existe una vulnerabilidad de ejecución remota de código en el software Rockwell Automation Studio 5000 Logix Emulate. A los usuarios se les otorgan permisos elevados sobre ciertos servicio... • https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1137846 • CWE-287: Improper Authentication •
CVSS: 8.6EPSS: 0%CPEs: 10EXPL: 0CVE-2022-3752 – Rockwell Automation GuardLogix and ControlLogix controllers Vulnerable to Denial-Of-Service Attack
https://notcve.org/view.php?id=CVE-2022-3752
19 Dec 2022 — An unauthorized user could use a specially crafted sequence of Ethernet/IP messages, combined with heavy traffic loading to cause a denial-of-service condition in Rockwell Automation Logix controllers resulting in a major non-recoverable fault. If the target device becomes unavailable, a user would have to clear the fault and redownload the user project file to bring the device back online and continue normal operation. Un usuario no autorizado podría utilizar una secuencia especialmente manipulada de mensa... • https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1137664 • CWE-20: Improper Input Validation •
CVSS: 8.6EPSS: 0%CPEs: 12EXPL: 0CVE-2022-3157 – Rockwell Automation GuardLogix and ControlLogix controllers Vulnerable to Denial-Of-Service Attack
https://notcve.org/view.php?id=CVE-2022-3157
16 Dec 2022 — A vulnerability exists in the Rockwell Automation controllers that allows a malformed CIP request to cause a major non-recoverable fault (MNRF) and a denial-of-service condition (DOS). Existe una vulnerabilidad en los controladores de Rockwell Automation que permite que una solicitud CIP con formato incorrecto cause una falla mayor no recuperable (MNRF) y una condición de Denegación de Servicio (DoS) (DOS). • https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1137757 • CWE-20: Improper Input Validation •
CVSS: 7.1EPSS: 0%CPEs: 10EXPL: 0CVE-2022-46670 – Rockwell Automation MicroLogix 1100 & 1400 Vulnerable to Cross-Site Scripting Attack
https://notcve.org/view.php?id=CVE-2022-46670
16 Dec 2022 — Rockwell Automation was made aware of a vulnerability by a security researcher from Georgia Institute of Technology that the MicroLogix 1100 and 1400 controllers contain a vulnerability that may give an attacker the ability to accomplish remote code execution. The vulnerability is an unauthenticated stored cross-site scripting vulnerability in the embedded webserver. The payload is transferred to the controller over SNMP and is rendered on the homepage of the embedded website. Un investigador de seguridad d... • https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1137679 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •