Rockwell Vulnerabilità

Sequenza temporale

Genere

Prodotto

Rockwell Automation ArmorStart ST10
Rockwell Automation MicroLogix 140010
Rockwell Automation MicroLogix 11009
Rockwell Automation FactoryTalk AssetCentre9
Rockwell Automation ThinManager ThinServer8

Contromisure

Official Fix31
Temporary Fix0
Workaround14
Unavailable0
Not Defined137

Sfruttabilità

High1
Functional0
Proof-of-Concept6
Unproven1
Not Defined174

Accesso al vettore

Not Defined0
Physical0
Local28
Adjacent8
Network146

Autenticazione

Not Defined0
High9
Low44
None129

Interazione dell'utente

Not Defined0
Required45
None137

C3BM Index

CVSSv3 Base

≤10
≤20
≤31
≤48
≤517
≤622
≤741
≤848
≤926
≤1019

CVSSv3 Temp

≤10
≤20
≤31
≤48
≤520
≤622
≤741
≤848
≤923
≤1019

VulDB

≤10
≤20
≤39
≤421
≤514
≤634
≤721
≤853
≤911
≤1019

NVD

≤10
≤20
≤31
≤43
≤54
≤69
≤710
≤832
≤915
≤1024

CNA

≤10
≤20
≤30
≤40
≤57
≤66
≤77
≤826
≤912
≤1017

Fornitore

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Exploiter 0 giorni

<1k36
<2k78
<5k67
<10k0
<25k0
<50k0
<100k0
≥100k1

Exploiter aujourd'hui

<1k149
<2k24
<5k8
<10k0
<25k0
<50k1
<100k0
≥100k0

Sfrutta il volume del mercato

🔴 CTI Attività

Affected Products (122): 0x (1), 1734-AENTR Series B (2), 1734-AENTR Series C (2), 1747-L5x (1), 1756 ControlLogix Communications Module (1), 1756 EN2 (1), 1756 EN3 (1), 1756-EN4 (1), 1768 CompactLogix (1), 1769 CompactLogix (1), 5000 Logix Designer (4), A Ethernet (3), Ab Micrologix Controller (1), Allen-Bradley CompactLogix 1769-L (1), Arena (2), Arena Simulation Software (7), Arena Simulation Software Cat. 9502-Ax (1), Armor PowerFlex (1), ArmorStart ST (10), Automation Arena (1), Automation Connected Components Workbench (3), Automation FactoryTalk Activation (1), Automation FactoryTalk Alarms (1), Automation Integrated Architecture Builder (1), Automation PanelView Plus (1), Automation RSLogix Micro Starter Lite (1), Compact GuardLogix (1), Compact GuardLogix 5370 (1), Compact GuardLogix 5380 (2), CompactLogix (1), CompactLogix 1768-EWEB (1), CompactLogix 5370 (2), CompactLogix 5370 L1 (2), CompactLogix 5370 L2 (1), CompactLogix 5370 L3 (1), CompactLogix 5380 (3), CompactLogix 5480 (2), CompactLogix GuardLogix (1), Connected Component Workbench (1), Connected Components Workbench (6), ControlFLASH (4), ControlFLASH Plus (4), ControlLogix (2), ControlLogix 5550 (1), ControlLogix 5560 (1), ControlLogix 5570 (3), ControlLogix 5580 (3), ControlLogix controllers (8), Controllogix 1756-ENBT (3), DriveLogix 5730 (1), DriveTools SP (1), Drives AOP (1), Enhanced HIM (1), EtherNet-IP Web Server Module 1756-EWEB (1), Events (1), FactoryTalk (2), FactoryTalk AssetCentre (9), FactoryTalk Asset Centre (4), FactoryTalk Diagnostics Viewer (1), FactoryTalk EnergyMetrix (2), FactoryTalk Linx (8), FactoryTalk Linx CommDTM (4), FactoryTalk Linx Software (2), FactoryTalk Service Platform (1), FactoryTalk Services Platform (10), FactoryTalk System Services (3), FactoryTalk Transaction Manager (1), FactoryTalk VantagePoint (3), FactoryTalk View SE (5), FactoryTalk View SEA (1), FactoryTalk View Site Edition (1), Flex IO (1), FlexLogix 1794-L34 (1), GuardLogix (2), GuardLogix 5560 (1), GuardLogix 5570 (2), GuardLogix 5580 (2), IP Bridge (3), ISaGRAF (1), ISaGRAF Runtime (5), ISaGRAF Workbench (4), Kinetix 5500 (1), Kinetix 5700 (1), Logix5000 (1), Logix Controllers (1), Logix Designer Software (2), Logix Designer Studio 5000 (1), Micro800 (1), MicroLogix (3), MicroLogix 1100 (16), MicroLogix 1400 (16), MicroLogix 1400 Controller (1), Modbus TCP Server AOI (1), PLC5 (1), PanelView 5510 (1), PanelView Plus (1), Pavilion8 (1), PowerFlex 525 AC Drives (1), PowerMonitor (1), PowerMonitor 1000 (2), RSLinx Classic (13), RSLinx Enterprise (4), RSLinx Enterprise Software (1), RSLogix 500 (4), RSLogix 500 Professional Edition (1), RSLogix 500 Standard Edition (1), RSLogix 500 Starter Edition (1), RSLogix 1785-Lx (1), RSLogix 5000 (1), RSLogix Micro Developer (1), RSNetWorx Software (2), RSView32 (1), Rslogix 5000 Design And Configuration Software (1), SLC5 (1), Safety Instrumented Systems Workstation (1), SoftLogix 5800 (1), Studio 5000 Launcher (4), Studio 5000 Logix Designer (1), Studio 5000 Logix Emulate (1), ThinManager (1), ThinManager ThinServer (8), select 1756-EN (1)

Data di pubblicazioneBaseTempVulnerabilitàProdSfrConCTIEPSSCVE
31/01/20243.73.6Rockwell Automation FactoryTalk Service Platform FTSP Service autenticazione deboleAutomation SoftwareNot DefinedOfficial Fix0.000.00000CVE-2024-21917
31/01/20247.57.2Rockwell Automation ControlLogix 5570/GuardLogix 5570 buffer overflowAutomation SoftwareNot DefinedOfficial Fix0.030.00000CVE-2024-21916
26/10/20237.57.3Rockwell Automation FactoryTalk View Site Edition denial of serviceAutomation SoftwareNot DefinedOfficial Fix0.000.00044CVE-2023-46289
26/10/20238.17.9Rockwell Automation FactoryTalk Services Platform autenticazione deboleAutomation SoftwareNot DefinedOfficial Fix0.000.00063CVE-2023-46290
26/10/20237.57.4Rockwell Automation Arena Malformed File Local Privilege EscalationAutomation SoftwareNot DefinedOfficial Fix0.050.00049CVE-2023-27858
26/10/20237.57.4Rockwell Automation Arena Malformed File rivelazione di un 'informazioneAutomation SoftwareNot DefinedOfficial Fix0.030.00049CVE-2023-27854
13/10/20237.57.5Rockwell Automation PanelView Plus FactoryTalk Linx rivelazione di un 'informazioneAutomation SoftwareNot DefinedNot Defined0.030.00070CVE-2023-29464
20/09/20239.89.8Rockwell Automation select 1756-EN CIP Request buffer overflowAutomation SoftwareNot DefinedNot Defined0.030.00138CVE-2023-2262
13/09/20237.77.7Rockwell Automation Pavilion8 JMX Console autenticazione deboleAutomation SoftwareNot DefinedNot Defined0.000.00045CVE-2023-29463
12/09/20239.89.8Rockwell Automation FactoryTalk escalazione di privilegiAutomation SoftwareNot DefinedNot Defined0.000.00075CVE-2023-2071
17/08/20238.58.5Rockwell Automation ThinManager ThinServer ThinServer.exe escalazione di privilegiAutomation SoftwareNot DefinedNot Defined0.040.00099CVE-2023-2917
17/08/20236.46.4Rockwell Automation ThinManager ThinServer buffer overflowAutomation SoftwareNot DefinedNot Defined0.000.00052CVE-2023-2914
17/08/20237.07.0Rockwell Automation ThinManager ThinServer directory traversalAutomation SoftwareNot DefinedNot Defined0.000.00093CVE-2023-2915
08/08/20236.86.7Rockwell Automation Armor PowerFlex Event Log denial of serviceAutomation SoftwareNot DefinedOfficial Fix0.000.00044CVE-2023-2423
18/07/20236.46.4Rockwell Automation ThinManager ThinServer API directory traversalAutomation SoftwareNot DefinedNot Defined0.000.00050CVE-2023-2913
18/07/20236.46.3Rockwell Automation Kinetix 5700 ENIP Connection denial of serviceAutomation SoftwareNot DefinedOfficial Fix0.040.00044CVE-2023-2263
12/07/20237.57.5Rockwell Automation 1756-EN4 CIP Message denial of serviceAutomation SoftwareNot DefinedNot Defined0.040.00044CVE-2023-3596
12/07/20239.89.8Rockwell Automation 1756 EN2/1756 EN3 CIP Message buffer overflowAutomation SoftwareNot DefinedNot Defined0.020.00139CVE-2023-3595
11/07/20236.96.9Rockwell Automation Enhanced HIM cross site request forgeryAutomation SoftwareNot DefinedNot Defined0.000.00058CVE-2023-2746
11/07/20236.56.5Rockwell Automation PowerMonitor cross site scriptingAutomation SoftwareNot DefinedNot Defined0.000.00130CVE-2023-2072
14/06/20234.14.1Rockwell Automation FactoryTalk System Services Feedback escalazione di privilegiAutomation SoftwareNot DefinedNot Defined0.000.00044CVE-2023-2639
14/06/20235.65.6Rockwell Automation FactoryTalk System Services Backup Configuration FTSSBackupRestore.exe autenticazione deboleAutomation SoftwareNot DefinedNot Defined0.000.00043CVE-2023-2638
14/06/20236.96.9Rockwell Automation FactoryTalk System Services crittografia deboleAutomation SoftwareNot DefinedNot Defined0.000.00043CVE-2023-2637
14/06/20236.46.4Rockwell Automation FactoryTalk Transaction Manager Service Port 400 denial of serviceAutomation SoftwareNot DefinedNot Defined0.030.00044CVE-2023-2778
11/05/20236.76.7Rockwell Automation FactoryTalk VantagePoint cross site request forgeryAutomation SoftwareNot DefinedNot Defined0.000.00058CVE-2023-2444

157 non vengono visualizzate più voci

Might our Artificial Intelligence support you?

Check our Alexa App!