Rockwell Automation Vulnerabilities

274 results
Vexday Analysis

Rockwell Automation's vulnerability portfolio totals 274 catalogued CVEs, none of which appear in the CISA KEV catalogue of actively exploited vulnerabilities. That rate is below the catalogue's overall average, which indicates lower confirmed exploitation pressure at the moment. Even so, the presence of 41 critical-severity flaws and the EPSS score of 0.7809 associated with CVE-2023-2915 (the highest value observed in the set) signal elevated probabilistic risk for that specific vulnerability, which deserves priority attention in patching routines. The most recurrent flaw type is CWE-20 (improper input validation), a pattern that tends to manifest in varied ways in operational technology environments and calls for segmentation controls and in-depth validation. With 7 CVEs published in the last 90 days and at least 1 with a publicly available proof of concept, the risk surface remains active and demands continuous monitoring.

CVE-2025-14027 | HIGH | Rockwell Automation Recommends Upgrading From 1756-RM2 XT To 1756-RM3 XT | EPSS 0.4%
CVE-2024-2929 | HIGH | Rockwell Automation Arena Simulation Vulnerable To Memory Corruption | EPSS 0.3%
CVE-2024-11364 | HIGH | Rockwell Automation Third Party Vulnerability in Arena® | EPSS 0.3%
CVE-2025-9437 | HIGH | Rockwell Automation ArmorStart® AOP Denial-of-Service Vulnerability | EPSS 0.3%
CVE-2025-7693 | CRITICAL | Rockwell Automation Micro800 Vulnerability | EPSS 0.3%
CVE-2025-9464 | HIGH | Rockwell Automation ArmorStart® LT - Multiple Denial-of-Service Vulnerabilities | EPSS 0.3%
CVE-2026-0646 | HIGH | Rockwell Automation FLEX I/O Dual-port EtherNet/IP Adapters – Multiple Vulnerabilities | EPSS 0.3%
CVE-2025-7970 | HIGH | Rockwell Automation FactoryTalk Activation Manager Lack of Encryption Vulnerability | EPSS 0.3%
CVE-2024-37369 | HIGH | Rockwell Automation FactoryTalk® View SE Local Privilege Escalation Vulnerability via Local File Permissions | EPSS 0.3%
CVE-2020-14478 | HIGH | IMPROPER RESTRICTION OF XML EXTERNAL ENTITY REFERENCE CWE-611 | EPSS 0.3%
CVE-2024-7987 | HIGH | Rockwell Automation ThinManager® ThinServer™ Information Disclosure and Remote Code Execution Vulnerabilities | EPSS 0.3%
CVE-2022-2465 | HIGH | ISaGRAF Workbench Deserialization of Untrusted Data CWE-502 | EPSS 0.3%
CVE-2025-0497 | HIGH | Rockwell Automation FactoryTalk® AssetCentre Data Exposure Vulnerability | EPSS 0.3%
CVE-2025-9368 | HIGH | 432ES-IG3 Series A Denial-of-Service Vulnerability | EPSS 0.3%
CVE-2025-13824 | HIGH | Micro820®, Micro850®, Micro870® – Specialized Fuzzing Vulnerabilities | EPSS 0.3%
CVE-2024-5659 | HIGH | Rockwell Automation Multicast Request Causes major nonrecoverable fault on Select Controllers | EPSS 0.3%
CVE-2025-11862 | HIGH | Verve Asset Manager Access Control Vulnerability | EPSS 0.3%
CVE-2024-6325 | MEDIUM | Rockwell Automation Unsecured Private Keys in FactoryTalk® System Services | EPSS 0.3%
CVE-2025-11085 | HIGH | FactoryTalk® DataMosaix™ Private Cloud – Persistent XSS | EPSS 0.3%
CVE-2025-9177 | HIGH | Rockwell Automation 1715 EtherNet/IP Comms Module Denial-Of-Service Vulnerability | EPSS 0.3%