Vulnerabilidades em Rockwell Automation

274 resultados
Análise Vexday

O portfólio de vulnerabilidades da Rockwell Automation soma 274 CVEs catalogadas, das quais nenhuma consta no catálogo CISA KEV de explorações ativas — índice abaixo da média geral do catálogo, o que indica menor pressão de exploração confirmada no momento. Ainda assim, a presença de 41 falhas de severidade crítica e o EPSS de 0,7809 associado a CVE-2023-2915 — o valor mais alto observado no conjunto — sinalizam risco probabilístico elevado para essa vulnerabilidade específica, merecendo atenção prioritária nas rotinas de patch. O tipo de falha mais recorrente é CWE-20 (validação imprópria de entrada), padrão que tende a se manifestar de formas variadas em ambientes de tecnologia operacional e requer controles de segmentação e validação em profundidade. Com 7 CVEs surgidas nos últimos 90 dias e ao menos 1 com prova de conceito pública disponível, a superfície de risco permanece ativa e demanda monitoramento contínuo.

CVE-2020-25184HIGHRockwell Automation ISaGRAF5 Runtime Unprotected Storage of CredentialsEPSS 0.4%CVE-2025-9278HIGHArmorStart® LT - Multiple Denial-of-Service VulnerabilitiesEPSS 0.4%CVE-2020-25182MEDIUMRockwell Automation ISaGRAF5 Runtime Uncontrolled Search Path ElementEPSS 0.4%CVE-2025-9066HIGHRockwell Automation FactoryTalk® ViewPoint XXE to Denial-of-Service VulnerabilityEPSS 0.4%CVE-2025-9280HIGHArmorStart® LT - Multiple Denial-of-Service VulnerabilitiesEPSS 0.4%CVE-2025-12807HIGHFactoryTalk® DataMosaix™ Private Cloud SQL InjectionEPSS 0.4%CVE-2023-2746CRITICALRockwell Automation Enhanced HIM Vulnerable to Cross-Site Request Forgery AttackEPSS 0.4%CVE-2024-9412HIGHImproper Authorization Vulnerability in Rockwell Automation Verve® Asset ManagerEPSS 0.4%CVE-2025-9166HIGHRockwell Automation ControlLogix® 5580 V35.013 Denial-Of-ServiceEPSS 0.4%CVE-2023-2639MEDIUMRockwell Automation FactoryTalk System Services Vulnerable to Sensitive Information DisclosureEPSS 0.4%CVE-2025-7774HIGHRockwell Automation ArmorBlock 5000 I/O – Web Server VulnerabilitiesEPSS 0.4%CVE-2025-7773HIGHRockwell Automation ArmorBlock 5000 I/O – Web Server VulnerabilitiesEPSS 0.4%CVE-2024-6078HIGHRockwell Automation Authentication Bypass Vulnerability in DataMosaix™EPSS 0.4%CVE-2023-2444HIGH A cross site request forgery vulnerability exists in Rockwell Automation's FactoryTalk Vantagepoint. This vulnerability can be exploited inEPSS 0.4%CVE-2025-0659HIGHPath Traversal and Rockwell Automation Third-party Vulnerability in DataMosaix™ Private CloudEPSS 0.4%CVE-2025-9124HIGHRockwell Automation Compact GuardLogix® 5370 Denial-Of-Service VulnerabilityEPSS 0.4%CVE-2025-0498HIGHRockwell Automation FactoryTalk® AssetCentre Data Exposure VulnerabilityEPSS 0.4%CVE-2022-3156HIGHRockwell Automation Studio 5000 Logix Emulate Vulnerable to a Remote Code Execution VulnerabilityEPSS 0.4%CVE-2025-9063HIGHRockwell Automation PanelView Plus 7 Performance Series B Authentication BypassEPSS 0.4%CVE-2025-0477CRITICALRockwell Automation FactoryTalk® AssetCentre Data Exposure VulnerabilityEPSS 0.4%