Rockwellautomation Compactlogix_5380
13 CVEs affecting Rockwellautomation Compactlogix_5380. Latest disclosed: 2024-10-14. Critical: 2, High: 7.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2022-1161 | Critical | 10.0 | 2022-04-11 | An attacker with the ability to modify a user program may change user program code on some ControlLogix, CompactLogix, and GuardLogix Control systems. Studio 5… |
CVE-2021-22681 | Critical | 9.8 | 2021-03-03 | Rockwell Automation Studio 5000 Logix Designer Versions 21 and later, and RSLogix 5000 Versions 16 through 20 use a key to verify Logix controllers are communi… |
CVE-2024-3493 | High | 8.6 | 2024-04-15 | A specific malformed fragmented packet type (fragmented packets may be generated automatically by devices that send large amounts of data) can cause a major n… |
CVE-2022-3752 | High | 8.6 | 2022-12-19 | An unauthorized user could use a specially crafted sequence of Ethernet/IP messages, combined with heavy traffic loading to cause a denial-of-service conditio… |
CVE-2022-1159 | High | 7.7 | 2022-04-01 | Rockwell Automation Studio 5000 Logix Designer (all versions) are vulnerable when an attacker who achieves administrator access on a workstation running Studio… |
CVE-2024-6207 | High | 7.5 | 2024-10-14 | CVE 2021-22681 https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.PN1550.html and send a specially crafted CIP message to the… |
CVE-2024-8626 | High | 7.5 | 2024-10-08 | Due to a memory leak, a denial-of-service vulnerability exists in the Rockwell Automation affected products. A malicious actor could exploit this vulnerability… |
CVE-2024-6077 | High | 7.5 | 2024-09-12 | A denial-of-service vulnerability exists in the Rockwell Automation affected products when specially crafted packets are sent to the CIP Security Object. If ex… |
CVE-2024-7515 | High | 7.5 | 2024-08-14 | CVE-2024-7515 IMPACT A denial-of-service vulnerability exists in the affected products. A malformed PTP management packet can cause a major nonrecoverable fau… |
CVE-2022-1797 | Medium | 6.8 | 2022-06-02 | A malformed Class 3 common industrial protocol message with a cached connection can cause a denial-of-service condition in Rockwell Automation Logix Controller… |
CVE-2024-7507 | Medium | 6.5 | 2024-08-14 | CVE-2024-7507 IMPACT A denial-of-service vulnerability exists in the affected products. This vulnerability occurs when a malformed PCCC message is received… |
CVE-2024-5659 | Medium | 6.5 | 2024-06-14 | Rockwell Automation was made aware of a vulnerability that causes all affected controllers on the same network to result in a major nonrecoverable fault(MNRF/A… |
CVE-2017-6024 | Medium | 5.9 | 2017-05-06 | A Resource Exhaustion issue was discovered in Rockwell Automation ControlLogix 5580 controllers V28.011, V28.012, and V28.013; ControlLogix 5580 controllers V2… |