cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2025-0477,https://securityvulnerability.io/vulnerability/CVE-2025-0477,Weak Encryption Vulnerability in Rockwell Automation FactoryTalk® AssetCentre,"An encryption vulnerability has been identified in Rockwell Automation's FactoryTalk® AssetCentre, affecting all versions prior to V15.00.001. This issue arises from a weak encryption methodology, which could potentially enable threat actors to extract user passwords. Organizations using vulnerable versions are urged to upgrade promptly to safeguard sensitive data and maintain the integrity of their operations.",Rockwell Automation,Factorytalk® Assetcentre,9.3,CRITICAL,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-30T17:49:03.933Z,185
CVE-2025-0497,https://securityvulnerability.io/vulnerability/CVE-2025-0497,Data Exposure Vulnerability in Rockwell Automation FactoryTalk® AssetCentre,"A vulnerability exists in previous versions of Rockwell Automation's FactoryTalk® AssetCentre, where sensitive credentials are improperly stored in the configuration files of various packages, including EventLogAttachmentExtractor and ArchiveExtractor. This could potentially allow unauthorized access to critical information, compromising the integrity and confidentiality of sensitive data.",Rockwell Automation,Factorytalk® Assetcentre,7.3,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-30T17:40:51.775Z,0
CVE-2025-0498,https://securityvulnerability.io/vulnerability/CVE-2025-0498,Data Exposure Vulnerability in Rockwell Automation FactoryTalk® AssetCentre,"A data exposure vulnerability exists in all versions of Rockwell Automation FactoryTalk® AssetCentre prior to V15.00.001. This issue stems from the insecure storage of FactoryTalk® Security user tokens. As a result, malicious actors could potentially exploit this vulnerability to steal user tokens, thereby impersonating other users and gaining unauthorized access to sensitive information.",Rockwell Automation,Factorytalk® Assetcentre,7,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-30T17:36:12.542Z,0
CVE-2025-24482,https://securityvulnerability.io/vulnerability/CVE-2025-24482,Local Code Injection Vulnerability in Rockwell Automation Products,"A significant local code injection vulnerability has been identified in the FactoryTalk Services Platform. This issue arises from incorrect default permissions, enabling the execution of DLL files with escalated privileges. This behavior poses a risk of unauthorized code execution, potentially compromising system integrity and security. Users are advised to review their configurations and apply necessary updates to mitigate the potential risks associated with this vulnerability.",Rockwell Automation,Factorytalk® View Site Edition,7,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-28T20:59:50.868Z,0
CVE-2025-24481,https://securityvulnerability.io/vulnerability/CVE-2025-24481,Incorrect Permission Assignment Vulnerability in Rockwell Automation Products,"A vulnerability has been identified in Rockwell Automation’s Remote Debugger that stems from improper permission assignments to its remote debugger port. This oversight can result in unauthenticated access to sensitive system configurations, potentially allowing unauthorized users to manipulate system settings and increase the risk of exploitative actions within the environment.",Rockwell Automation,Factorytalk® View Site Edition,7,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-28T20:55:54.833Z,0
CVE-2025-24480,https://securityvulnerability.io/vulnerability/CVE-2025-24480,Remote Code Execution Vulnerability in Rockwell Automation Product,"A significant remote code execution vulnerability has been identified in Rockwell Automation's industrial software. This issue arises from inadequate input sanitization processes, which could be exploited by a remote attacker to execute arbitrary commands or code with elevated privileges. As a result, this vulnerability poses serious risks, making it essential for affected users to take immediate action to secure their systems against potential exploitation.",Rockwell Automation,Factorytalk® View Machine Edition,9.3,CRITICAL,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-28T19:01:41.484Z,0
CVE-2025-24479,https://securityvulnerability.io/vulnerability/CVE-2025-24479,Local Code Execution Vulnerability in Windows by Rockwell Automation,"A Local Code Execution vulnerability exists in Windows products due to a default setting, potentially allowing attackers to gain elevated access to the Command Prompt. This vulnerability compromises system integrity and opens up avenues for unauthorized operations, making it critical for users to apply the necessary patches and mitigate risks as outlined by Rockwell Automation in their advisory.",Rockwell Automation,Factorytalk View Machine Edition,8.6,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-28T18:52:18.429Z,0
CVE-2025-24478,https://securityvulnerability.io/vulnerability/CVE-2025-24478,Denial-of-Service Vulnerability in Rockwell Automation Products,"A denial-of-service vulnerability has been identified within Rockwell Automation products that allows remote, non-privileged users to exploit the system. By sending specially crafted requests, an attacker could trigger a nonrecoverable fault, rendering the affected system inoperable. This vulnerability poses significant risks to operational continuity, emphasizing the need for immediate remediation to safeguard against potential exploitation.",Rockwell Automation,"Guardlogix 5580 Sil 3,Compact Guardlogix 5380 Sil 3",7.1,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-28T18:41:30.887Z,0
CVE-2025-0631,https://securityvulnerability.io/vulnerability/CVE-2025-0631,Credential Exposure Vulnerability in Rockwell Automation Products,"A credential exposure vulnerability in Rockwell Automation products occurs when sensitive information is transmitted using HTTP. This practice leads to credentials being sent in clear text, making them susceptible to interception by malicious actors. Organizations using affected Rockwell Automation products must ensure secure communication protocols are in place to safeguard against potential exploits.",Rockwell Automation,Powerflex 755,8.7,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-28T18:27:32.084Z,0
CVE-2025-0659,https://securityvulnerability.io/vulnerability/CVE-2025-0659,Path Traversal Vulnerability in Rockwell Automation DataEdge Platform,"A path traversal vulnerability exists in the Rockwell Automation DataEdge Platform DataMosaix Private Cloud, enabling threat actors with admin privileges to exploit the vulnerable endpoint. By providing a specific character sequence in the request body, these actors can manipulate the file system, leading to the potential overwriting of sensitive files, including user reports and projects, beyond the intended directory. This vulnerability poses risks for data integrity and security, necessitating immediate attention from administrators.",Rockwell Automation,Dataedgeplatform Datamosaix™ Private Cloud,7,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-28T15:16:38.188Z,0
CVE-2024-11364,https://securityvulnerability.io/vulnerability/CVE-2024-11364,Code Execution Vulnerability Affecting Rockwell Automation Arena,"CVE-2024-11364 is a high-risk code execution vulnerability identified in Rockwell Automation's Arena® software. This vulnerability arises from an uninitialized variable that can be exploited by threat actors to execute arbitrary code. An attacker can craft a malicious DOE file that necessitates execution by a legitimate user, leading to potential unauthorized actions within the software environment. Due to the nature of this vulnerability, it represents a significant threat to the integrity and security of systems utilizing Arena® without adequate mitigations. Users are strongly advised to apply security patches and follow best practices to safeguard their systems.",Rockwell Automation,Arena®,7.3,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-12-19T21:04:52.473Z,0
CVE-2024-12175,https://securityvulnerability.io/vulnerability/CVE-2024-12175,Exploring Code Execution Vulnerabilities in Rockwell Automation Arena®,"CVE-2024-12175 is a high-risk vulnerability classified as a 'use after free' code execution flaw affecting Rockwell Automation's Arena® software. This vulnerability allows a threat actor to manipulate the software by crafting a malformed DOE file that exploits a previously released resource. If successfully executed, this could permit the adversary to run arbitrary code within the application environment. To execute this exploit, the victim, typically a legitimate user, must unknowingly run the malicious code provided by the attacker. The implications of this vulnerability can lead to severe security breaches, making it essential for users to apply the latest security patches and remain vigilant against such exploits.",Rockwell Automation,Arena®,7.8,HIGH,0.00046999999904073775,false,,false,false,false,,,false,false,,2024-12-19T20:53:22.926Z,0
CVE-2024-11157,https://securityvulnerability.io/vulnerability/CVE-2024-11157,Memory Boundary Vulnerability in Rockwell Automation Arena Software,"CVE-2024-11157 is a significant vulnerability found in Rockwell Automation Arena®, a simulation software widely used in industrial settings. This flaw allows attackers to conduct memory boundary violations when processing certain DOE files, enabling them to execute arbitrary code with the privileges of a legitimate user. The exploitation of this vulnerability requires an unsuspecting user to run malicious code crafted by the threat actor, potentially leading to severe data breaches or operational disruptions. Users of the affected versions should apply security patches immediately to mitigate risks.",Rockwell Automation,Arena®,7.3,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-12-19T20:48:35.802Z,0
CVE-2024-12130,https://securityvulnerability.io/vulnerability/CVE-2024-12130,Threat Actor Could Execute Arbitrary Code via Out of Bounds Read Vulnerability in Rockwell Automation Arena®,"An out of bounds read vulnerability in Rockwell Automation Arena allows a targeted attacker to craft a malicious DOE file that prompts the software to access memory beyond its allocated limits. This situation could be exploited to execute arbitrary code if a legitimate user unwittingly runs the compromised file. This vulnerability highlights the potential dangers associated with improperly handled memory access in software applications, urging users to remain vigilant and apply necessary security measures as soon as updates become available.",Rockwell Automation,Arena®,7.8,HIGH,0.00046999999904073775,false,,false,false,false,,,false,false,,2024-12-05T17:47:21.917Z,0
CVE-2024-11156,https://securityvulnerability.io/vulnerability/CVE-2024-11156,"Threat Actor Could Write Beyond Memory Boundaries in Rockwell Automation Arena®, Executing Arbitrary Code","A vulnerability exists in Rockwell Automation Arena® that permits an out of bounds write condition, potentially leading to arbitrary code execution. This flaw allows a threat actor, with access to a legitimate user's environment, to craft malicious code that, when executed, can write beyond the limits of allocated memory in a DOE file. Exploitation of this vulnerability requires that the user runs the compromised code, underscoring the importance of user awareness and stringent security practices to mitigate risks.",Rockwell Automation,Arena®,7.8,HIGH,0.00046999999904073775,false,,false,false,false,,,false,false,,2024-12-05T17:37:09.718Z,0
CVE-2024-10387,https://securityvulnerability.io/vulnerability/CVE-2024-10387,CVE-2024-10387 IMPACT: Denial-of-Service Vulnerability,"A Denial-of-Service vulnerability exists in the products of Rockwell Automation, allowing attackers with network access to send specially crafted messages. This could potentially disrupt the service, leading to operational downtime and loss of availability. Organizations using affected Rockwell Automation products should remain vigilant to ensure robust cybersecurity measures are in place to mitigate potential risks associated with this vulnerability.",Rockwell Automation,Factorytalk Thinmanager,7.5,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2024-10-25T17:04:36.334Z,0
CVE-2024-10386,https://securityvulnerability.io/vulnerability/CVE-2024-10386,Database Manipulation Vulnerability Affects Affected Product,"An authentication vulnerability identified in Rockwell Automation's industrial control systems permits unauthorized network access. A threat actor can exploit this vulnerability by sending specially crafted messages to the affected devices, potentially allowing for unauthorized database manipulation. This highlights significant security risks associated with the management of industrial control systems, emphasizing the need for timely patches and robust security measures to mitigate potential exploits.",Rockwell Automation,Factorytalk Thinmanager,9.8,CRITICAL,0.0007200000109151006,false,,false,false,false,,,false,false,,2024-10-25T17:04:34.000Z,0
CVE-2024-6207,https://securityvulnerability.io/vulnerability/CVE-2024-6207,Exploitable Vulnerability Could Prevent Access to Legitimate Users and End Connections to Connected Devices,"The vulnerability allows a threat actor to exploit a flaw in the processing of specially crafted CIP messages sent to Rockwell Automation Controllers. This can lead to unauthorized disruption of service, preventing legitimate users from gaining access and possibly severing connections to devices within the network, including workstations. Recovery from such an incident necessitates a download process, which forcibly halts any ongoing controller operations, impacting production and operational efficiency.",Rockwell Automation,"Controllogix® 5580,Controllogix® 5580 Process,Guardlogix 5580,Compactlogix 5380,Compact Guardlogix 5380 Sil 2,Compact Guardlogix 5380 Sil 3,Compactlogix 5480,Factorytalk® Logix Echo",7.5,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2024-10-14T21:15:00.000Z,0
CVE-2024-7847,https://securityvulnerability.io/vulnerability/CVE-2024-7847,RSLogix™ 5 and RSLogix 500® Remote Code Execution Via VBA Embedded Script,"A vulnerability exists in Rockwell Automation's software products that permits the execution of arbitrary code via a maliciously crafted project file. The affected feature allows users to prepare project files containing embedded VBA scripts. When a user opens an infected RSP/RSS project file, the script can execute without user interaction, potentially leading to unauthorized remote code execution. This exploitation can affect the integrity of connected devices and systems. Organizations utilizing affected versions should take immediate steps to mitigate risks associated with this vulnerability.",Rockwell Automation,"Rslogix 500®,Rslogix™ Micro Developer And Starter,Rslogix™ 5",7.7,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-10-14T14:15:00.000Z,0
CVE-2024-45824,https://securityvulnerability.io/vulnerability/CVE-2024-45824,Remote Code Execution Vulnerability in Rockwell Automation Products,"A significant remote code execution vulnerability exists in certain Rockwell Automation products. This vulnerability is particularly dangerous as it can be exploited through a combination of Path Traversal, Command Injection, and Cross-Site Scripting (XSS) vulnerabilities. Successful exploitation enables an attacker to execute arbitrary code on the affected systems without requiring authentication, potentially leading to unauthorized access and control over critical systems. Users are urged to review the provided mitigation guidelines to safeguard against this vulnerability.",Rockwell Automation,Factorytalk View,9.8,CRITICAL,0.001019999966956675,false,,false,false,false,,,false,false,,2024-09-12T14:16:00.000Z,0
CVE-2024-6089,https://securityvulnerability.io/vulnerability/CVE-2024-6089,Rockwell Automation Major nonrecoverable fault in 5015 – AENFTXT,"An input validation flaw has been detected in Rockwell Automation's 5015 - AENFTXT model. This vulnerability occurs when a specially crafted Precision Time Protocol (PTP) packet is sent to the device, potentially leading to a significant nonrecoverable fault in the secondary adapter. Exploitation of this vulnerability necessitates a complete power cycle of the affected product to regain normal functionality, which could disrupt operations and pose challenges in critical environments.",Rockwell Automation,5015 - Aenftxt,7.5,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2024-07-16T17:15:00.000Z,0
CVE-2024-6435,https://securityvulnerability.io/vulnerability/CVE-2024-6435,Rockwell Automation Privilege Escalation Vulnerability in Pavilion8®,A privilege escalation vulnerability in Rockwell Automation products allows users with basic access rights to inadvertently gain access to functionalities typically restricted to administrators. This means that attackers can potentially read sensitive data or create new user accounts with escalated privileges. Such unauthorized access could lead to significant security breaches and unauthorized manipulation of critical system settings.,Rockwell Automation,Pavilion8®,8.8,HIGH,0.0005000000237487257,false,,false,false,false,,,false,false,,2024-07-16T13:15:00.000Z,0
CVE-2024-5990,https://securityvulnerability.io/vulnerability/CVE-2024-5990,Rockwell Automation ThinServer™ Vulnerability: Unauthenticated Denial-of-Service Attack,"An improper input validation vulnerability in Rockwell Automation's ThinServer™ permits unauthenticated threat actors to send crafted messages to a monitor thread. This exploitation can result in a denial-of-service condition, rendering the affected device inoperable. Users of ThinServer™ are advised to review the security advisory for mitigation steps.",Rockwell Automation,Thinmanager® Thinserver™,7.5,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2024-06-25T16:11:01.407Z,0
CVE-2024-5989,https://securityvulnerability.io/vulnerability/CVE-2024-5989,Rockwell Automation ThinManager® ThinServer™ Vulnerable to SQL Injection,"An improper input validation vulnerability allows unauthenticated attackers to send specially crafted messages to the Rockwell Automation ThinManager® ThinServer™. This vulnerability enables the execution of SQL injection attacks, potentially allowing the attacker to manipulate database queries and trigger remote code execution. The risk posed by this vulnerability emphasizes the need for robust input validation measures in the affected product to safeguard against unauthorized access and exploitation.",Rockwell Automation,Thinmanager® Thinserver™,9.8,CRITICAL,0.0007099999929778278,false,,false,false,false,,,false,false,,2024-06-25T16:01:39.103Z,0
CVE-2024-5988,https://securityvulnerability.io/vulnerability/CVE-2024-5988,Remote Code Execution Vulnerability in Rockwell Automation ThinManager® ThinServer™,"The vulnerability in Rockwell Automation ThinManager ThinServer arises from improper input validation, enabling unauthenticated threat actors to send malicious messages. These messages can trigger the execution of local or remote executables, potentially leading to unauthorized access and further exploits within the system. Users of affected versions are strongly advised to apply necessary updates and review security practices to mitigate risks associated with this vulnerability.",Rockwell Automation,Thinmanager® Thinserver™,9.8,CRITICAL,0.0007099999929778278,false,,false,false,false,,,false,false,,2024-06-25T15:53:33.899Z,0