Filtered by vendor Rockwellautomation
Subscriptions
Total
379 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-7033 | 1 Rockwellautomation | 2 Arena, Arena Simulation | 2026-02-26 | 7.8 High |
| A memory abuse issue exists in the Rockwell Automation Arena® Simulation. A custom file can force Arena Simulation to read and write past the end of memory space. Successful use requires user action, such as opening a bad file or webpage. If used, a threat actor could execute code or disclose information. | ||||
| CVE-2023-5909 | 4 Ge, Ptc, Rockwellautomation and 1 more | 8 Industrial Gateway Server, Keepserverex, Opc-aggregator and 5 more | 2026-02-25 | 7.5 High |
| KEPServerEX does not properly validate certificates from clients which may allow unauthenticated users to connect. | ||||
| CVE-2019-10954 | 1 Rockwellautomation | 10 Armor Compact Guardlogix 5370, Armor Compact Guardlogix 5370 Firmware, Compact Guardlogix 5370 and 7 more | 2026-02-20 | 7.5 High |
| An attacker could send crafted SMTP packets to cause a denial-of-service condition where the controller enters a major non-recoverable faulted state (MNRF) in CompactLogix 5370 L1, L2, and L3 Controllers, Compact GuardLogix 5370 controllers, and Armor Compact GuardLogix 5370 Controllers Versions 20 - 30 and earlier. | ||||
| CVE-2019-10952 | 1 Rockwellautomation | 8 Armor Compact Guardlogix 5370, Armor Compact Guardlogix 5370 Firmware, Compactlogix 5370 L1 and 5 more | 2026-02-20 | 9.8 Critical |
| An attacker could send a crafted HTTP/HTTPS request to render the web server unavailable and/or lead to remote code execution caused by a stack-based buffer overflow vulnerability. A cold restart is required for recovering CompactLogix 5370 L1, L2, and L3 Controllers, Compact GuardLogix 5370 controllers, and Armor Compact GuardLogix 5370 Controllers Versions 20 - 30 and earlier. | ||||
| CVE-2025-9278 | 1 Rockwellautomation | 2 Armorstart Lt, Armorstart Lt Firmware | 2026-02-02 | 7.5 High |
| A security issue exists within ArmorStart® LT that can result in a denial-of-service condition. After running a Burp Suite active scan, the device loses ICMP connectivity, causing the web application to become inaccessible. | ||||
| CVE-2025-9279 | 1 Rockwellautomation | 2 Armorstart Lt, Armorstart Lt Firmware | 2026-02-02 | 7.5 High |
| A security issue exists within ArmorStart® LT that can result in a denial-of-service condition. During execution of the Achilles EtherNet/IP Step Limit Storm tests, the device reboots unexpectedly, causing the Link State Monitor to go down for several seconds. | ||||
| CVE-2025-9281 | 1 Rockwellautomation | 2 Armorstart Lt, Armorstart Lt Firmware | 2026-02-02 | 7.5 High |
| A security issue exists within ArmorStart® LT that can result in a denial-of-service condition. During execution of the Achilles Comprehensive step limit storm tests, the device reboots | ||||
| CVE-2025-9280 | 1 Rockwellautomation | 2 Armorstart Lt, Armorstart Lt Firmware | 2026-02-02 | 7.5 High |
| A security issue exists within ArmorStart® LT that can result in a denial-of-service condition. Fuzzing performed using Defensics causes the device to become unresponsive, requiring a reboot. | ||||
| CVE-2025-9282 | 1 Rockwellautomation | 2 Armorstart Lt, Armorstart Lt Firmware | 2026-02-02 | 7.5 High |
| A security issue exists within ArmorStart® LT that can result in a denial-of-service condition. During execution of the Achilles Comprehensive limited storm tests, the device reboots unexpectedly, causing the Link State Monitor to go down for several seconds. | ||||
| CVE-2025-9283 | 1 Rockwellautomation | 2 Armorstart Lt, Armorstart Lt Firmware | 2026-02-02 | 7.5 High |
| A security issue exists within ArmorStart® LT that can result in a denial-of-service condition. During execution of the Achilles EtherNet/IP Step Limits Storms tests, the device reboots unexpectedly, causing the Link State Monitor to go down for several seconds. | ||||
| CVE-2025-9464 | 1 Rockwellautomation | 2 Armorstart Lt, Armorstart Lt Firmware | 2026-02-02 | 7.5 High |
| A security issue exists within ArmorStart® LT that can result in a denial-of-service condition. This vulnerability is triggered during fuzzing of multiple CIP classes, which causes the CIP port to become unresponsive. | ||||
| CVE-2025-9465 | 1 Rockwellautomation | 2 Armorstart Lt, Armorstart Lt Firmware | 2026-02-02 | 7.5 High |
| A security issue exists within ArmorStart® LT that can result in a denial-of-service condition. During execution of the Achilles Comprehensive grammar tests, the device reboots unexpectedly, causing the Link State Monitor to go down for several seconds. | ||||
| CVE-2025-9466 | 1 Rockwellautomation | 2 Armorstart Lt, Armorstart Lt Firmware | 2026-02-02 | 7.5 High |
| A security issue exists within ArmorStart® LT that can result in a denial-of-service condition. During execution of the Achilles EtherNet/IP and CIP grammar tests, the device reboots unexpectedly, causing the Link State Monitor to go down for several seconds. | ||||
| CVE-2024-21917 | 1 Rockwellautomation | 1 Factorytalk Services Platform | 2026-01-15 | 9.8 Critical |
| A vulnerability exists in Rockwell Automation FactoryTalk® Service Platform that allows a malicious user to obtain the service token and use it for authentication on another FTSP directory. This is due to the lack of digital signing between the FTSP service token and directory. If exploited, a malicious user could potentially retrieve user information and modify settings without any authentication. | ||||
| CVE-2018-0175 | 2 Cisco, Rockwellautomation | 10 Ios, Ios Xe, Ios Xr and 7 more | 2026-01-14 | 8 High |
| Format String vulnerability in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition or execute arbitrary code with elevated privileges on an affected device. Cisco Bug IDs: CSCvd73664. | ||||
| CVE-2018-0174 | 2 Cisco, Rockwellautomation | 11 7600 Series Route Switch Processor 720, 7600 Series Supervisor Engine 32, 7600 Series Supervisor Engine 720 and 8 more | 2026-01-14 | 8.6 High |
| A vulnerability in the DHCP option 82 encapsulation functionality of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability exists because the affected software performs incomplete input validation of option 82 information that it receives in DHCP Version 4 (DHCPv4) packets from DHCP relay agents. An attacker could exploit this vulnerability by sending a crafted DHCPv4 packet to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. Cisco Bug IDs: CSCuh91645. | ||||
| CVE-2018-0173 | 2 Cisco, Rockwellautomation | 20 4321 Integrated Services Router, 4331 Integrated Services Router, 4351 Integrated Services Router and 17 more | 2026-01-14 | 8.6 High |
| A vulnerability in the Cisco IOS Software and Cisco IOS XE Software function that restores encapsulated option 82 information in DHCP Version 4 (DHCPv4) packets could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a Relay Reply denial of service (DoS) condition. The vulnerability exists because the affected software performs incomplete input validation of encapsulated option 82 information that it receives in DHCPOFFER messages from DHCPv4 servers. An attacker could exploit this vulnerability by sending a crafted DHCPv4 packet to an affected device, which the device would then forward to a DHCPv4 server. When the affected software processes the option 82 information that is encapsulated in the response from the server, an error could occur. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. Cisco Bug IDs: CSCvg62754. | ||||
| CVE-2018-0172 | 2 Cisco, Rockwellautomation | 8 Ios, Ios Xe, Allen-bradley Armorstratix 5700 and 5 more | 2026-01-14 | 8.6 High |
| A vulnerability in the DHCP option 82 encapsulation functionality of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability exists because the affected software performs incomplete input validation of option 82 information that it receives in DHCP Version 4 (DHCPv4) packets from DHCP relay agents. An attacker could exploit this vulnerability by sending a crafted DHCPv4 packet to an affected device. A successful exploit could allow the attacker to cause a heap overflow condition on the affected device, which will cause the device to reload and result in a DoS condition. Cisco Bug IDs: CSCvg62730. | ||||
| CVE-2018-0167 | 2 Cisco, Rockwellautomation | 18 Asr 9001, Asr 9006, Asr 9010 and 15 more | 2026-01-14 | 8.8 High |
| Multiple Buffer Overflow vulnerabilities in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition or execute arbitrary code with elevated privileges on an affected device. Cisco Bug IDs: CSCuo17183, CSCvd73487. | ||||
| CVE-2018-0158 | 2 Cisco, Rockwellautomation | 12 Asr 1001-hx, Asr 1001-x, Asr 1002-hx and 9 more | 2026-01-14 | 8.6 High |
| A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a memory leak or a reload of an affected device that leads to a denial of service (DoS) condition. The vulnerability is due to incorrect processing of certain IKEv2 packets. An attacker could exploit this vulnerability by sending crafted IKEv2 packets to an affected device to be processed. A successful exploit could cause an affected device to continuously consume memory and eventually reload, resulting in a DoS condition. Cisco Bug IDs: CSCvf22394. | ||||