Rockwell Automation Vulnerabilities

274 results
Vexday Analysis

Rockwell Automation's vulnerability portfolio totals 274 catalogued CVEs, none of which appears in the CISA KEV catalog of actively exploited vulnerabilities. That rate is below the catalog's overall average, which indicates lower confirmed exploitation pressure at the moment. Even so, the presence of 41 critical-severity flaws and the EPSS of 0.7809 associated with CVE-2023-2915, the highest value observed in the set, signal elevated probabilistic risk for that specific vulnerability, which deserves priority attention in patch routines. The most recurrent flaw type is CWE-20 (improper input validation), a pattern that tends to manifest in varied ways in operational technology environments and requires segmentation controls and validation in depth. With 7 CVEs emerging in the last 90 days and at least 1 with a publicly available proof of concept, the risk surface remains active and demands continuous monitoring.

CVE-2026-11317 | HIGH | Rockwell Automation Logix 5370 and 5570 Controllers Vulnerable To Denial of Service Via CIP | EPSS 0.3%
CVE-2025-9041 | HIGH | Rockwell Automation FLEX 5000 I/O - Module Fault | EPSS 0.3%
CVE-2025-9042 | HIGH | Rockwell Automation FLEX 5000 I/O - Module Fault | EPSS 0.3%
CVE-2026-9307 | MEDIUM | Rockwell Automation CompactLogix 5370 Controllers – Multiple Vulnerabilities | EPSS 0.3%
CVE-2024-12130 | HIGH | Rockwell Automation Arena® Out of Bounds Read Vulnerability | EPSS 0.3%
CVE-2025-9178 | HIGH | Rockwell Automation 1715 EtherNet/IP Comms Module Denial-Of-Service Vulnerability | EPSS 0.3%
CVE-2024-21919 | HIGH | Rockwell Automation Arena Simulation Vulnerable To Uninitialized Pointer | EPSS 0.3%
CVE-2025-13036 | CRITICAL | Rockwell Automation FactoryTalk Historian Site Edition - Authentication Bypass | EPSS 0.3%
CVE-2025-7033 | HIGH | Rockwell Automation Heap-based Buffer Overflow In Arena® Simulation | EPSS 0.3%
CVE-2025-7032 | HIGH | Rockwell Automation Stack-based Buffer Overflow In Arena® Simulation | EPSS 0.3%
CVE-2025-7025 | HIGH | Rockwell Automation Heap-based Buffer Overflow In Arena® Simulation | EPSS 0.3%
CVE-2024-3640 | HIGH | Rockwell Automation FactoryTalk® Remote Access™ has Unquoted Executables | EPSS 0.3%
CVE-2020-14480 | MEDIUM | Due to usernames/passwords being stored in plaintext in Random Access Memory (RAM), a local, authenticated attacker could gain access to cer | EPSS 0.3%
CVE-2025-9364 | HIGH | Rockwell Automation FactoryTalk® Analytics™ LogixAI® Exposed Redis DB | EPSS 0.3%
CVE-2022-2464 | HIGH | ISaGRAF Workbench Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-22 | EPSS 0.3%
CVE-2025-0631 | HIGH | PowerFlex® 755 Credential Exposure Vulnerability | EPSS 0.3%
CVE-2024-21912 | HIGH | Rockwell Automation Arena Simulation vulnerable to out of bounds write | EPSS 0.3%
CVE-2024-12175 | HIGH | Rockwell Automation Code Execution Vulnerability in Arena | EPSS 0.3%
CVE-2023-27854 | HIGH | Rockwell Automation Arena® Simulation Out of Bounds Read Vulnerability | EPSS 0.3%
CVE-2025-3289 | HIGH | Local Code Execution Vulnerability in Arena® | EPSS 0.3%