Search Results (390 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-11696 1 Rockwellautomation 1 Studio 5000 Simulation Interface 2026-04-15 N/A
A local server-side request forgery (SSRF) security issue exists within Studio 5000® Simulation Interface™ via the API. This vulnerability allows any Windows user on the system to trigger outbound SMB requests, enabling the capture of NTLM hashes.
CVE-2025-13823 1 Rockwellautomation 3 Micro820, Micro850, Micro870 2026-04-15 N/A
A security issue was found in the IPv6 stack in the Micro850 and Micro870 controllers when the controllers received multiple malformed packets during fuzzing. The controllers will go into recoverable fault with fault code 0xFE60. To recover the controller, clear the fault.
CVE-2025-14377 1 Rockwellautomation 1 Verve Asset Manager 2026-04-15 N/A
A security issue was discovered within the legacy Ansible playbook component of Verve Asset Manager, caused by plaintext secrets incorrectly stored when a playbook is running. This component has been retired and has been optional since the 1.36 release in 2024.
CVE-2024-10944 1 Rockwellautomation 1 Factorytalk Updater 2026-04-15 8.4 High
A Remote Code Execution vulnerability exists in the affected product. The vulnerability requires a high level of permissions and exists due to improper input validation resulting in the possibility of a malicious Updated Agent being deployed.
CVE-2025-7693 1 Rockwellautomation 1 Micro800 2026-04-15 N/A
A security issue exists due to improper handling of malformed CIP Forward Close packets during fuzzing. The controller enters a solid red Fault LED state and becomes unresponsive. Upon power cycle, the controller will enter recoverable fault where the MS LED and Fault LED become flashing red and reports fault code 0xF015. To recover, clear the fault.
CVE-2025-14027 1 Rockwellautomation 1 Controllogix 2026-04-15 N/A
Multiple denial-of-service vulnerabilities exist in the affected product. These issues can be triggered through various crafted inputs, including malformed Class 3 messages, memory leak conditions, and other resource exhaustion scenarios. Exploitation may cause the device to become unresponsive and, in some cases, result in a major nonrecoverable fault. Recovery may require a restart.
CVE-2025-14376 1 Rockwellautomation 1 Verve Asset Manager 2026-04-15 N/A
A security issue was discovered within the legacy ADI server component of Verve Asset Manager, caused by plaintext secrets stored in environment variables on the ADI server. This component has been retired and has been optional since the 1.36 release in 2024.
CVE-2025-11084 1 Rockwellautomation 1 Factorytalk 2026-04-15 N/A
A security issue exists within DataMosaix™ Private Cloud, allowing attackers to bypass MFA during setup and obtain a valid login-token cookie without knowing the users password. This vulnerability occurs when MFA is enabled but not completed within a 7-day period.
CVE-2025-7353 1 Rockwellautomation 1 Controllogix 2026-04-15 N/A
A security issue exists due to the web-based debugger agent enabled on Rockwell Automation ControlLogix® Ethernet Modules. If a specific IP address is used to connect to the WDB agent, it can allow remote attackers to perform memory dumps, modify memory, and control execution flow.
CVE-2025-7973 1 Rockwellautomation 1 Factorytalk View 2026-04-15 N/A
A security issue exists in FactoryTalk ViewPoint version 14.0 or below due to improper handling of MSI repair operations. During a repair, attackers can hijack the cscript.exe console window, which runs with SYSTEM privileges. This can be exploited to spawn an elevated command prompt, enabling full privilege escalation.
CVE-2025-9036 1 Rockwellautomation 1 Factorytalk Action Manager 2026-04-15 N/A
A security issue in the runtime event system allows unauthenticated connections to receive a reusable API token. This token is broadcasted over a WebSocket and can be intercepted by any local client listening on the connection.
CVE-2025-11697 1 Rockwellautomation 1 Studio 5000 Simulation Interface 2026-04-15 N/A
A local code execution security issue exists within Studio 5000® Simulation Interface™ via the API. This vulnerability allows any Windows user on the system to extract files using path traversal sequences, resulting in execution of scripts with Administrator privileges on system reboot.
CVE-2025-9368 1 Rockwellautomation 1 432es-ig3 Series A 2026-04-15 N/A
A security issue exists within 432ES-IG3 Series A, which affects GuardLink® EtherNet/IP Interface, resulting in denial-of-service. A manual power cycle is required to recover the device.
CVE-2019-25276 1 Rockwellautomation 2 Factorytalk Activation, Studio 2026-04-15 7.8 High
Studio 5000 Logix Designer 30.01.00 contains an unquoted service path vulnerability in the FactoryTalk Activation Service that allows local users to potentially execute code with elevated privileges. Attackers can exploit the unquoted path in C:\Program Files (x86)\Rockwell Software\FactoryTalk Activation\ to inject malicious code that would execute with LocalSystem permissions.
CVE-2025-11743 1 Rockwellautomation 1 Compactlogix 5370 2026-04-15 N/A
A denial-of-service security issue in the affected product. The security issue occurs when a malformed CIP forward open message is sent. This could result in a major nonrecoverable fault a restart is required to recover.
CVE-2024-9412 1 Rockwellautomation 1 Verve Asset Manager 2026-04-15 N/A
An improper authorization vulnerability exists in the Rockwell Automation affected products that could allow an unauthorized user to sign in. While removal of all role mappings is unlikely, it could occur in the case of unexpected or accidental removal by the administrator. If exploited, an unauthorized user could access data they previously but should no longer have access to.
CVE-2025-12807 1 Rockwellautomation 1 Factorytalk Datamosaix Private Cloud 2026-04-15 N/A
A security issue was discovered in DataMosaix Private Cloud, allowing users with low privilege to perform sensitive database operations through exposed API endpoints.
CVE-2024-10943 1 Rockwellautomation 1 Factorytalk Updater 2026-04-15 9.1 Critical
An authentication bypass vulnerability exists in the affected product. The vulnerability exists due to shared secrets across accounts and could allow a threat actor to impersonate a user if the threat actor is able to enumerate additional information required during authentication.
CVE-2024-10945 1 Rockwellautomation 1 Factorytalk Updater 2026-04-15 7.3 High
A Local Privilege Escalation vulnerability exists in the affected product. The vulnerability requires a local, low privileged threat actor to replace certain files during update and exists due to a failure to perform proper security checks before installation.
CVE-2025-9042 1 Rockwellautomation 1 Flex 5000 Io 2026-04-15 N/A
A security issue exists due to improper handling of CIP Class 32’s request when a module is inhibited on the 5094-IY8 device. It causes the module to enter a fault state with the Module LED flashing red. Upon un-inhibiting, the module returns a connection fault (Code 16#0010), and the module cannot recover without a power cycle.