CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2025-0477 – Rockwell Automation FactoryTalk® AssetCentre Data Exposure Vulnerability
https://notcve.org/view.php?id=CVE-2025-0477
30 Jan 2025 — An encryption vulnerability exists in all versions prior to V15.00.001 of Rockwell Automation FactoryTalk® AssetCentre. The vulnerability exists due to a weak encryption methodology and could allow a threat actor to extract passwords belonging to other users of the application. • https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1721.html • CWE-522: Insufficiently Protected Credentials •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2025-0497 – Rockwell Automation FactoryTalk® AssetCentre Data Exposure Vulnerability
https://notcve.org/view.php?id=CVE-2025-0497
30 Jan 2025 — A data exposure vulnerability exists in all versions prior to V15.00.001 of Rockwell Automation FactoryTalk® AssetCentre. The vulnerability exists due to storing credentials in the configuration file of EventLogAttachmentExtractor, ArchiveExtractor, LogCleanUp, or ArchiveLogCleanUp packages. • https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1721.html • CWE-522: Insufficiently Protected Credentials •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2025-0498 – Rockwell Automation FactoryTalk® AssetCentre Data Exposure Vulnerability
https://notcve.org/view.php?id=CVE-2025-0498
30 Jan 2025 — A data exposure vulnerability exists in all versions prior to V15.00.001 of Rockwell Automation FactoryTalk® AssetCentre. The vulnerability exists due to insecure storage of FactoryTalk® Security user tokens, which could allow a threat actor to steal a token and, impersonate another user. • https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1721.html • CWE-522: Insufficiently Protected Credentials •
CVSS: 8.7EPSS: 0%CPEs: 21EXPL: 0CVE-2024-6207
https://notcve.org/view.php?id=CVE-2024-6207
14 Oct 2024 — CVE 2021-22681 https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.PN1550.html and send a specially crafted CIP message to the device. If exploited, a threat actor could help prevent access to the legitimate user and end connections to connected devices including the workstation. To recover the controllers, a download is required which ends any process that the controller is running. • https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1707.html • CWE-20: Improper Input Validation •
CVSS: 8.7EPSS: 0%CPEs: 11EXPL: 0CVE-2024-6077 – Rockwell Automation ControlLogix/GuardLogix 5580 and CompactLogix/Compact GuardLogix® 5380 Vulnerable to DoS vulnerability via CIP
https://notcve.org/view.php?id=CVE-2024-6077
12 Sep 2024 — A denial-of-service vulnerability exists in the Rockwell Automation affected products when specially crafted packets are sent to the CIP Security Object. If exploited the device will become unavailable and require a factory reset to recover. • https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1963.html • CWE-20: Improper Input Validation •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-45826 – ThinManager® Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-45826
12 Sep 2024 — CVE-2024-45826 IMPACT Due to improper input validation, a path traversal and remote code execution vulnerability exists when the ThinManager® processes a crafted POST request. If exploited, a user can install an executable file. CVE-2024-45826 IMPACT Due to improper input validation, a path traversal and remote code execution vulnerability exists when the ThinManager® processes a crafted POST request. If exploited, a user can install an executable file. • https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1700.html • CWE-610: Externally Controlled Reference to a Resource in Another Sphere •
CVSS: 8.7EPSS: 0%CPEs: 1EXPL: 0CVE-2024-45825 – 5015-U8IHFT Denial-of-Service Vulnerability via CIP Message
https://notcve.org/view.php?id=CVE-2024-45825
12 Sep 2024 — CVE-2024-45825 IMPACT A denial-of-service vulnerability exists in the affected products. The vulnerability occurs when a malformed CIP packet is sent over the network to the device and results in a major nonrecoverable fault causing a denial-of-service. CVE-2024-45825 IMPACT A denial-of-service vulnerability exists in the affected products. The vulnerability occurs when a malformed CIP packet is sent over the network to the device and results in a major nonrecoverable fault causing a denial-of-service. • https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1699.html • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-45824 – FactoryTalk® View Site Edition Remote Code Execution Vulnerability via Lack of Input Validation
https://notcve.org/view.php?id=CVE-2024-45824
12 Sep 2024 — CVE-2024-45824 IMPACT A remote code vulnerability exists in the affected products. The vulnerability occurs when chained with Path Traversal, Command Injection, and XSS Vulnerabilities and allows for full unauthenticated remote code execution. The link in the mitigations section below contains patches to fix this issue. CVE-2024-45824 IMPACT A remote code vulnerability exists in the affected products. The vulnerability occurs when chained with Path Traversal, Command Injection, and XSS Vulnerabilities and a... • https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1696.html • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7987 – Rockwell Automation ThinManager® ThinServer™ Information Disclosure and Remote Code Execution Vulnerabilities
https://notcve.org/view.php?id=CVE-2024-7987
22 Aug 2024 — A remote code execution vulnerability exists in the Rockwell Automation ThinManager® ThinServer™ that allows a threat actor to execute arbitrary code with System privileges. To exploit this vulnerability and a threat actor must abuse the ThinServer™ service by creating a junction and use it to upload arbitrary files. This vulnerability allows local attackers to escalate privileges on affected installations of Rockwell Automation ThinManager. An attacker must first obtain the ability to execute low-privilege... • https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1692.html • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 10.0EPSS: 3%CPEs: 1EXPL: 2CVE-2024-7988 – ThinManager® ThinServer™ Information Disclosure and Remote Code Execution Vulnerabilities
https://notcve.org/view.php?id=CVE-2024-7988
22 Aug 2024 — A remote code execution vulnerability exists in the Rockwell Automation ThinManager® ThinServer™ that allows a threat actor to execute arbitrary code with System privileges. This vulnerability exists due to the lack of proper data input validation, which allows files to be overwritten. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Rockwell Automation ThinManager. Authentication is not required to exploit this vulnerability. The specific flaw exists within ... • https://github.com/hatvix1/CVE-2024-7988-Private-POC • CWE-20: Improper Input Validation •