← Back

Rockwellautomation

rockwellautomation

337 CVEs • 468 products

Products (468)

Click to collapse
Toggle
Arena
arena
42 CVEs
Micrologix 1400 B Firmware
micrologix_1400_b_firmware
23 CVEs
Factorytalk View
factorytalk_view
18 CVEs
Thinmanager
thinmanager
16 CVEs
Micrologix 1100 Firmware
micrologix_1100_firmware
14 CVEs
Factorytalk Linx
factorytalk_linx
14 CVEs
Factorytalk Services Platform
factorytalk_services_platform
13 CVEs
Controllogix 5580 Firmware
controllogix_5580_firmware
13 CVEs
Guardlogix 5580 Firmware
guardlogix_5580_firmware
13 CVEs
Compactlogix 5380 Firmware
compactlogix_5380_firmware
12 CVEs
Factorytalk Assetcentre
factorytalk_assetcentre
12 CVEs
Micrologix 1400 Firmware
micrologix_1400_firmware
11 CVEs
Compactlogix 5480 Firmware
compactlogix_5480_firmware
11 CVEs
Armorstart St 284ee Firmware
armorstart_st_284ee_firmware
10 CVEs
Armorstart St 281e Firmware
armorstart_st_281e_firmware
10 CVEs
Rslinx
rslinx
9 CVEs
Kepserver Enterprise
kepserver_enterprise
9 CVEs
Armorstart Lt Firmware
armorstart_lt_firmware
9 CVEs
1763 L16awa Series A
1763-l16awa_series_a
8 CVEs
1763 L16awa Series B
1763-l16awa_series_b
8 CVEs
1763 L16bbb Series A
1763-l16bbb_series_a
8 CVEs
1763 L16bbb Series B
1763-l16bbb_series_b
8 CVEs
1763 L16bwa Series A
1763-l16bwa_series_a
8 CVEs
1763 L16bwa Series B
1763-l16bwa_series_b
8 CVEs
1763 L16dwd Series A
1763-l16dwd_series_a
8 CVEs
1763 L16dwd Series B
1763-l16dwd_series_b
8 CVEs
Compact Guardlogix 5380 Firmware
compact_guardlogix_5380_firmware
8 CVEs
Controllogix Controllers
controllogix_controllers
7 CVEs
Guardlogix Controllers
guardlogix_controllers
7 CVEs
Micrologix
micrologix
7 CVEs
Softlogix Controllers
softlogix_controllers
7 CVEs
1756 Enbt
1756-enbt
7 CVEs
1756 Eweb
1756-eweb
7 CVEs
1768 Enbt
1768-enbt
7 CVEs
1768 Eweb
1768-eweb
7 CVEs
1794 Aentr Flex I/o Ethernet/ip Adapter
1794-aentr_flex_i/o_ethernet/ip_adapter
7 CVEs
Compactlogix
compactlogix
7 CVEs
Compactlogix Controllers
compactlogix_controllers
7 CVEs
Compactlogix L32e Controller
compactlogix_l32e_controller
7 CVEs
Compactlogix L35e Controller
compactlogix_l35e_controller
7 CVEs
Controllogix
controllogix
7 CVEs
Flexlogix 1788 Enbt Adapter
flexlogix_1788-enbt_adapter
7 CVEs
Guardlogix
guardlogix
7 CVEs
Softlogix
softlogix
7 CVEs
Rslinx Enterprise
rslinx_enterprise
7 CVEs
1766 L32awa Series A
1766-l32awa_series_a
7 CVEs
1766 L32awa Series B
1766-l32awa_series_b
7 CVEs
1766 L32awaa Series A
1766-l32awaa_series_a
7 CVEs
1766 L32awaa Series B
1766-l32awaa_series_b
7 CVEs
1766 L32bwa Series A
1766-l32bwa_series_a
7 CVEs
1766 L32bwa Series B
1766-l32bwa_series_b
7 CVEs
1766 L32bwaa Series A
1766-l32bwaa_series_a
7 CVEs
1766 L32bwaa Series B
1766-l32bwaa_series_b
7 CVEs
1766 L32bxb Series A
1766-l32bxb_series_a
7 CVEs
1766 L32bxb Series B
1766-l32bxb_series_b
7 CVEs
1766 L32bxba Series A
1766-l32bxba_series_a
7 CVEs
1766 L32bxba Series B
1766-l32bxba_series_b
7 CVEs
Connected Components Workbench
connected_components_workbench
6 CVEs
Rslinx Classic
rslinx_classic
6 CVEs
Micrologix 1400 A Firmware
micrologix_1400_a_firmware
6 CVEs
1756 En2tr Series A Firmware
1756-en2tr_series_a_firmware
5 CVEs
1756 En2tr Series B Firmware
1756-en2tr_series_b_firmware
5 CVEs
1756 En2tr Series C Firmware
1756-en2tr_series_c_firmware
5 CVEs
Compactlogix 5370 L1 Firmware
compactlogix_5370_l1_firmware
5 CVEs
Compactlogix 5370 L2 Firmware
compactlogix_5370_l2_firmware
5 CVEs
Compactlogix 5370 L3 Firmware
compactlogix_5370_l3_firmware
5 CVEs
Compact Guardlogix 5370 Firmware
compact_guardlogix_5370_firmware
5 CVEs
Rslogix 500
rslogix_500
5 CVEs
Aadvance Controller
aadvance_controller
5 CVEs
Isagraf Free Runtime
isagraf_free_runtime
5 CVEs
Isagraf Runtime
isagraf_runtime
5 CVEs
Micro810 Firmware
micro810_firmware
5 CVEs
Micro820 Firmware
micro820_firmware
5 CVEs
Micro830 Firmware
micro830_firmware
5 CVEs
Micro850 Firmware
micro850_firmware
5 CVEs
Micro870 Firmware
micro870_firmware
5 CVEs
Factorytalk Policy Manager
factorytalk_policy_manager
5 CVEs
1756 En4tr Firmware
1756-en4tr_firmware
5 CVEs
Thinmanager Thinserver
thinmanager_thinserver
5 CVEs
Pavilion8
pavilion8
5 CVEs
Studio 5000 Logix Designer
studio_5000_logix_designer
4 CVEs
Controllogix 5570 Firmware
controllogix_5570_firmware
4 CVEs
Guardlogix 5570 Firmware
guardlogix_5570_firmware
4 CVEs
Isagraf Workbench
isagraf_workbench
4 CVEs
Factorytalk System Services
factorytalk_system_services
4 CVEs
Compact Guardlogix 5380 Sil 2 Firmware
compact_guardlogix_5380_sil_2_firmware
4 CVEs
Compact Guardlogix 5380 Sil 3 Firmware
compact_guardlogix_5380_sil_3_firmware
4 CVEs
Controllogix 1756 Enbt/a Ethernet/ Ip Bridge
controllogix_1756-enbt/a_ethernet/_ip_bridge
3 CVEs
Rslogix 5000
rslogix_5000
3 CVEs
1756 En2f Series A Firmware
1756-en2f_series_a_firmware
3 CVEs
1756 En2f Series B Firmware
1756-en2f_series_b_firmware
3 CVEs
1756 En2f Series C Firmware
1756-en2f_series_c_firmware
3 CVEs
1756 En2t Series A Firmware
1756-en2t_series_a_firmware
3 CVEs
1756 En2t Series B Firmware
1756-en2t_series_b_firmware
3 CVEs
1756 En2t Series C Firmware
1756-en2t_series_c_firmware
3 CVEs
1756 En2t Series D Firmware
1756-en2t_series_d_firmware
3 CVEs
1756 En3tr Series A Firmware
1756-en3tr_series_a_firmware
3 CVEs
1756 En3tr Series B Firmware
1756-en3tr_series_b_firmware
3 CVEs
Powermonitor 1000 Firmware
powermonitor_1000_firmware
3 CVEs
Armor Compact Guardlogix 5370 Firmware
armor_compact_guardlogix_5370_firmware
3 CVEs

CVEs (337)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2016-2277
1Rockwellautomation
1Integrated Architecture Builder
May 6, 2026
Apr 6, 2016
N/A· v4
6.3 MEDIUM· v3
6.9 MEDIUM· v2
IAB.exe in Rockwell Automation Integrated Architecture Builder (IAB) before 9.6.0.8 and 9.7.x before 9.7.0.2 allows remote attackers to execute arbitrary code via a crafted project file.
CVE-2016-2279
1Rockwellautomation
23Compactlogix 1756 En2f Series A Firmware
Compactlogix 1756 En2f Series B FirmwareCompactlogix 1756 En2t Series A Firmware+20 more
Jun 3, 2026
Mar 2, 2016
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
Cross-site scripting (XSS) vulnerability in the web server in Rockwell Automation Allen-Bradley CompactLogix 1769-L* before 28.011+ allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2016-0868
1Rockwellautomation
81763 L16awa Series A
1763 L16awa Series B1763 L16bbb Series A+5 more
May 6, 2026
Jan 28, 2016
N/A· v4
9.8 CRITICAL· v3
10.0 HIGH· v2
Stack-based buffer overflow on Rockwell Automation Allen-Bradley MicroLogix 1100 devices A through 15.000 and B before 15.002 allows remote attackers to execute arbitrary code via a crafted web request.
CVE-2015-6492
1Rockwellautomation
2Micrologix 1100 Firmware
Micrologix 1400 Firmware
Jun 3, 2026
Oct 28, 2015
N/A· v4
7.5 HIGH· v3
7.8 HIGH· v2
Allen-Bradley MicroLogix 1100 devices before B FRN 15.000 and 1400 devices before B FRN 15.003 allow remote attackers to cause a denial of service (memory corruption and device crash) via a crafted HTTP request.
CVE-2015-6491
1Rockwellautomation
2Micrologix 1100 Firmware
Micrologix 1400 Firmware
May 6, 2026
Oct 28, 2015
N/A· v4
N/A· v3
4.0 MEDIUM· v2
Allen-Bradley MicroLogix 1100 devices before B FRN 15.000 and 1400 devices before B FRN 15.003 allow remote authenticated users to insert the content of an arbitrary file into a FRAME element via unspecified vectors.
CVE-2015-6490
1Rockwellautomation
2Micrologix 1100 Firmware
Micrologix 1400 Firmware
Jun 3, 2026
Oct 28, 2015
N/A· v4
9.8 CRITICAL· v3
10.0 HIGH· v2
Stack-based buffer overflow on Allen-Bradley MicroLogix 1100 devices before B FRN 15.000 and 1400 devices through B FRN 15.003 allows remote attackers to execute arbitrary code via unspecified vectors.
CVE-2015-6488
1Rockwellautomation
2Micrologix 1100 Firmware
Micrologix 1400 Firmware
May 6, 2026
Oct 28, 2015
N/A· v4
N/A· v3
4.3 MEDIUM· v2
Cross-site scripting (XSS) vulnerability in the web server on Allen-Bradley MicroLogix 1100 devices before B FRN 15.000 and 1400 devices before B FRN 15.003 allows remote attackers to inject arbitrary web script or HTML...Show more
Cross-site scripting (XSS) vulnerability in the web server on Allen-Bradley MicroLogix 1100 devices before B FRN 15.000 and 1400 devices before B FRN 15.003 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.Show less
CVE-2015-6486
1Rockwellautomation
2Micrologix 1100 Firmware
Micrologix 1400 Firmware
May 6, 2026
Oct 28, 2015
N/A· v4
N/A· v3
6.5 MEDIUM· v2
SQL injection vulnerability on Allen-Bradley MicroLogix 1100 devices before B FRN 15.000 and 1400 devices before B FRN 15.003 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
CVE-2015-1010
1Rockwellautomation
1Rsview32
May 6, 2026
May 31, 2015
N/A· v4
N/A· v3
4.9 MEDIUM· v2
Rockwell Automation RSView32 7.60.00 (aka CPR9 SR4) and earlier does not properly encrypt credentials, which allows local users to obtain sensitive information by reading a file and conducting a decryption attack.
CVE-2014-9204
1Rockwellautomation
1Rslinx
May 6, 2026
May 17, 2015
N/A· v4
N/A· v3
6.9 MEDIUM· v2
Stack-based buffer overflow in OPCTest.exe in Rockwell Automation RSLinx Classic before 3.73.00 allows remote attackers to execute arbitrary code via a crafted CSV file.
CVE-2014-9209
1Rockwellautomation
2Factorytalk Services Platform
Factorytalk View Studio
May 6, 2026
Mar 31, 2015
N/A· v4
N/A· v3
6.9 MEDIUM· v2
Untrusted search path vulnerability in the Clean Utility application in Rockwell Automation FactoryTalk Services Platform before 2.71.00 and FactoryTalk View Studio 8.00.00 and earlier allows local users to gain privileg...Show more
Untrusted search path vulnerability in the Clean Utility application in Rockwell Automation FactoryTalk Services Platform before 2.71.00 and FactoryTalk View Studio 8.00.00 and earlier allows local users to gain privileges via a Trojan horse DLL in an unspecified directory.Show less
CVE-2014-5424
1Rockwellautomation
1Connected Components Workbench
May 6, 2026
Nov 14, 2014
N/A· v4
N/A· v3
7.5 HIGH· v2
Rockwell Automation Connected Components Workbench (CCW) before 7.00.00 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an invalid property value to an Acti...Show more
Rockwell Automation Connected Components Workbench (CCW) before 7.00.00 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an invalid property value to an ActiveX control that was built with an outdated compiler.Show less
CVE-2014-5410
1Rockwellautomation
1Ab Micrologix Controller
May 6, 2026
Oct 3, 2014
N/A· v4
N/A· v3
7.1 HIGH· v2
The DNP3 feature on Rockwell Automation Allen-Bradley MicroLogix 1400 1766-Lxxxxx A FRN controllers 7 and earlier and 1400 1766-Lxxxxx B FRN controllers before 15.001 allows remote attackers to cause a denial of service...Show more
The DNP3 feature on Rockwell Automation Allen-Bradley MicroLogix 1400 1766-Lxxxxx A FRN controllers 7 and earlier and 1400 1766-Lxxxxx B FRN controllers before 15.001 allows remote attackers to cause a denial of service (process disruption) via malformed packets over (1) an Ethernet network or (2) a serial line.Show less
CVE-2014-0755
1Rockwellautomation
1Rslogix 5000 Design And Configuration Software
Apr 29, 2026
Feb 5, 2014
N/A· v4
N/A· v3
6.9 MEDIUM· v2
Rockwell Automation RSLogix 5000 7 through 20.01, and 21.0, does not properly implement password protection for .ACD files (aka project files), which allows local users to obtain sensitive information or modify data via...Show more
Rockwell Automation RSLogix 5000 7 through 20.01, and 21.0, does not properly implement password protection for .ACD files (aka project files), which allows local users to obtain sensitive information or modify data via unspecified vectors.Show less
CVE-2012-4715
1Rockwellautomation
1Rslinx Enterprise
Apr 29, 2026
Apr 18, 2013
N/A· v4
N/A· v3
10.0 HIGH· v2
Buffer overflow in LogReceiver.exe in Rockwell Automation RSLinx Enterprise CPR9, CPR9-SR1, CPR9-SR2, CPR9-SR3, CPR9-SR4, CPR9-SR5, CPR9-SR5.1, and CPR9-SR6 allows remote attackers to cause a denial of service (daemon cr...Show more
Buffer overflow in LogReceiver.exe in Rockwell Automation RSLinx Enterprise CPR9, CPR9-SR1, CPR9-SR2, CPR9-SR3, CPR9-SR4, CPR9-SR5, CPR9-SR5.1, and CPR9-SR6 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a UDP packet with a certain integer length value that is (1) too large or (2) too small, leading to improper handling by Logger.dll.Show less
CVE-2012-4714
1Rockwellautomation
1Factorytalk Services Platform
Apr 29, 2026
Apr 18, 2013
N/A· v4
N/A· v3
7.8 HIGH· v2
Integer overflow in RNADiagnostics.dll in Rockwell Automation FactoryTalk Services Platform (FTSP) CPR9, CPR9-SR1, CPR9-SR2, CPR9-SR3, CPR9-SR4, CPR9-SR5, CPR9-SR5.1, and CPR9-SR6 allows remote attackers to cause a denia...Show more
Integer overflow in RNADiagnostics.dll in Rockwell Automation FactoryTalk Services Platform (FTSP) CPR9, CPR9-SR1, CPR9-SR2, CPR9-SR3, CPR9-SR4, CPR9-SR5, CPR9-SR5.1, and CPR9-SR6 allows remote attackers to cause a denial of service (service outage or RNADiagReceiver.exe daemon crash) via UDP data that specifies a large integer value.Show less
CVE-2012-4713
1Rockwellautomation
1Factorytalk Services Platform
Apr 29, 2026
Apr 18, 2013
N/A· v4
N/A· v3
7.8 HIGH· v2
Integer signedness error in RNADiagnostics.dll in Rockwell Automation FactoryTalk Services Platform (FTSP) CPR9, CPR9-SR1, CPR9-SR2, CPR9-SR3, CPR9-SR4, CPR9-SR5, CPR9-SR5.1, and CPR9-SR6 allows remote attackers to cause...Show more
Integer signedness error in RNADiagnostics.dll in Rockwell Automation FactoryTalk Services Platform (FTSP) CPR9, CPR9-SR1, CPR9-SR2, CPR9-SR3, CPR9-SR4, CPR9-SR5, CPR9-SR5.1, and CPR9-SR6 allows remote attackers to cause a denial of service (service outage or RNADiagReceiver.exe daemon crash) via UDP data that specifies a negative integer value.Show less
CVE-2012-4695
1Rockwellautomation
1Rslinx Enterprise
Apr 29, 2026
Apr 18, 2013
N/A· v4
N/A· v3
7.1 HIGH· v2
LogReceiver.exe in Rockwell Automation RSLinx Enterprise CPR9, CPR9-SR1, CPR9-SR2, CPR9-SR3, CPR9-SR4, CPR9-SR5, CPR9-SR5.1, and CPR9-SR6 allows remote attackers to cause a denial of service (service outage) via a zero-b...Show more
LogReceiver.exe in Rockwell Automation RSLinx Enterprise CPR9, CPR9-SR1, CPR9-SR2, CPR9-SR3, CPR9-SR4, CPR9-SR5, CPR9-SR5.1, and CPR9-SR6 allows remote attackers to cause a denial of service (service outage) via a zero-byte UDP packet that is not properly handled by Logger.dll.Show less
CVE-2012-6442
1Rockwellautomation
12Compactlogix Controllers Firmware
Compactlogix FirmwareControllogix Controllers Firmware+9 more
Jun 3, 2026
Jan 24, 2013
N/A· v4
7.5 HIGH· v3
7.8 HIGH· v2
When an affected product receives a valid CIP message from an unauthorized or unintended source to Port 2222/TCP, Port 2222/UDP, Port 44818/TCP, or Port 44818/UDP that instructs the product to reset, a DoS can occur. Thi...Show more
When an affected product receives a valid CIP message from an unauthorized or unintended source to Port 2222/TCP, Port 2222/UDP, Port 44818/TCP, or Port 44818/UDP that instructs the product to reset, a DoS can occur. This situation could cause loss of availability and a disruption of communication with other connected devices. Rockwell Automation EtherNet/IP products; 1756-ENBT, 1756-EWEB, 1768-ENBT, and 1768-EWEB communication modules; CompactLogix L32E and L35E controllers; 1788-ENBT FLEXLogix adapter; 1794-AENTR FLEX I/O EtherNet/IP adapter; ControlLogix 18 and earlier; CompactLogix 18 and earlier; GuardLogix 18 and earlier; SoftLogix 18 and earlier; CompactLogix controllers 19 and earlier; SoftLogix controllers 19 and earlier; ControlLogix controllers 20 and earlier; GuardLogix controllers 20 and earlier; and MicroLogix 1100 and 1400Show less
CVE-2012-6441
1Rockwellautomation
171756 Enbt
1756 Eweb1768 Enbt+14 more
Apr 29, 2026
Jan 24, 2013
N/A· v4
N/A· v3
5.0 MEDIUM· v2
An information exposure of confidential information results when the device receives a specially crafted CIP packet to Port 2222/TCP, Port 2222/UDP, Port 44818/TCP, or Port 44818/UDP. Successful exploitation of this vuln...Show more
An information exposure of confidential information results when the device receives a specially crafted CIP packet to Port 2222/TCP, Port 2222/UDP, Port 44818/TCP, or Port 44818/UDP. Successful exploitation of this vulnerability could cause loss of confidentiality. Rockwell Automation EtherNet/IP products; 1756-ENBT, 1756-EWEB, 1768-ENBT, and 1768-EWEB communication modules; CompactLogix L32E and L35E controllers; 1788-ENBT FLEXLogix adapter; 1794-AENTR FLEX I/O EtherNet/IP adapter; ControlLogix 18 and earlier; CompactLogix 18 and earlier; GuardLogix 18 and earlier; SoftLogix 18 and earlier; CompactLogix controllers 19 and earlier; SoftLogix controllers 19 and earlier; ControlLogix controllers 20 and earlier; GuardLogix controllers 20 and earlier; and MicroLogix 1100 and 1400Show less