Rockwell Automation Vulnerabilities

274 results
Vexday Analysis

Rockwell Automation's vulnerability portfolio totals 274 catalogued CVEs, none of which appear in the CISA KEV catalog of actively exploited vulnerabilities. That rate is below the overall catalog average, which indicates lower confirmed exploitation pressure at the moment. Even so, the presence of 41 critical-severity flaws and the EPSS of 0.7809 associated with CVE-2023-2915 (the highest value observed in the set) signal elevated probabilistic risk for that specific vulnerability, which merits priority attention in patching routines. The most recurrent flaw type is CWE-20 (improper input validation), a pattern that tends to manifest in varied forms in operational technology environments and requires segmentation controls and validation in depth. With 7 CVEs that emerged in the last 90 days and at least 1 with a publicly available proof of concept, the risk surface remains active and demands continuous monitoring.

CVE-2024-21918 | HIGH | Rockwell Automation Arena Simulation Vulnerable To Memory Corruption | EPSS 0.2%
CVE-2024-11155 | HIGH | Rockwell Automation Arena® Use After Free Vulnerability | EPSS 0.2%
CVE-2024-11158 | HIGH | Rockwell Automation Arena® Uninitialized Vulnerability | EPSS 0.2%
CVE-2024-12672 | HIGH | Rockwell Automation Third Party Vulnerability in Arena® | EPSS 0.2%
CVE-2024-37365 | HIGH | FactoryTalk View ME Remote Code Execution Vulnerability via Project Save Path | EPSS 0.2%
CVE-2024-21920 | MEDIUM | Rockwell Automation Arena Simulation Vulnerable To Buffer Overflow | EPSS 0.2%
CVE-2024-6079 | MEDIUM | DLL Hijacking Vulnerability Exists in Rockwell Automation Emulate3D™ | EPSS 0.2%
CVE-2025-6376 | HIGH | Arena® Simulation Out-Of-Bounds Write Remote Code Execution Vulnerability | EPSS 0.2%
CVE-2025-6377 | HIGH | Arena® Simulation Out-Of-Bounds Write Remote Code Execution Vulnerability | EPSS 0.2%
CVE-2023-2637 | HIGH | Rockwell Automation FactoryTalk System Services Vulnerable To Use Of Hard-Coded Cryptographic Key | EPSS 0.2%
CVE-2023-2638 | MEDIUM | Rockwell Automation FactoryTalk System Services Vulnerable to a Denial-of-Service Attack | EPSS 0.2%
CVE-2025-9160 | HIGH | Rockwell Automation CompactLogix® 5480 Code Execution Vulnerability | EPSS 0.2%
CVE-2025-7330 | HIGH | Rockwell Automation 1783-NATR Cross-Site Request Forgery Vulnerability | EPSS 0.2%
CVE-2024-40620 | MEDIUM | Rockwell Automation Pavilion8® Unencrypted Data Vulnerability via HTTP protocol | EPSS 0.2%
CVE-2024-7847 | HIGH | RSLogix™ 5 and RSLogix 500® Remote Code Execution Via VBA Embedded Script | EPSS 0.2%
CVE-2024-10945 | HIGH | FactoryTalk® Updater Local Privilege Escalation | EPSS 0.2%
CVE-2025-13823 | HIGH | Micro820®, Micro850®, Micro870® – Specialized Fuzzing Vulnerabilities | EPSS 0.2%
CVE-2024-6326 | LOW | Rockwell Automation Unsecured Private Keys in FactoryTalk® System Services | EPSS 0.2%
CVE-2025-24479 | HIGH | FactoryTalk® View Machine Edition - Local Code Injection | EPSS 0.2%
CVE-2025-9067 | HIGH | Rockwell Automation FactoryTalk® Linx Privilege Escalation Vulnerabilities | EPSS 0.2%