Rockwellautomation Factorytalk_services_platform

13 CVEs affecting Rockwellautomation Factorytalk_services_platform. Latest disclosed: 2024-02-16. Critical: 5, High: 5.

Top CVEs affecting Rockwellautomation Factorytalk_services_platform
CVESeverityScorePublishedSummary
CVE-2020-14516Critical10.02021-03-18In Rockwell Automation FactoryTalk Services Platform Versions 6.10.00 and 6.11.00, there is an issue with the implementation of the SHA-256 hashing algorithm w…
CVE-2024-21917Critical9.82024-01-31A vulnerability exists in Rockwell Automation FactoryTalk® Service Platform that allows a malicious user to obtain the service token and use it for authenticat…
CVE-2021-22681Critical9.82021-03-03Rockwell Automation Studio 5000 Logix Designer Versions 21 and later, and RSLogix 5000 Versions 16 through 20 use a key to verify Logix controllers are communi…
CVE-2020-6967Critical9.82020-03-23In Rockwell Automation all versions of FactoryTalk Diagnostics software, a subsystem of the FactoryTalk Services Platform, FactoryTalk Diagnostics exposes a .N…
CVE-2024-21915Critical9.02024-02-16 A privilege escalation vulnerability exists in Rockwell Automation FactoryTalk® Service Platform (FTSP). If exploited, a malicious user with basic user group…
CVE-2020-12033High8.82020-06-23In Rockwell Automation FactoryTalk Services Platform, all versions, the redundancy host service (RdcyHost.exe) does not validate supplied identifiers, which co…
CVE-2021-32960High8.52022-04-01Rockwell Automation FactoryTalk Services Platform v6.11 and earlier, if FactoryTalk Security is enabled and deployed contains a vulnerability that may allow a…
CVE-2023-46290High8.12023-10-27 Due to inadequate code logic, a previously unauthenticated threat actor could potentially obtain a local Windows OS user token through the FactoryTalk® Servic…
CVE-2018-18981High7.52019-01-24In Rockwell Automation FactoryTalk Services Platform 2.90 and earlier, a remote unauthenticated attacker could send numerous crafted packets to service ports r…
CVE-2020-14478High7.12022-02-24A local, authenticated attacker could use an XML External Entity (XXE) attack to exploit weakly configured XML files to access local or remote content. A succe…
CVE-2014-92092015-03-31Untrusted search path vulnerability in the Clean Utility application in Rockwell Automation FactoryTalk Services Platform before 2.71.00 and FactoryTalk View S…
CVE-2012-47142013-04-18Integer overflow in RNADiagnostics.dll in Rockwell Automation FactoryTalk Services Platform (FTSP) CPR9, CPR9-SR1, CPR9-SR2, CPR9-SR3, CPR9-SR4, CPR9-SR5, CPR9…
CVE-2012-47132013-04-18Integer signedness error in RNADiagnostics.dll in Rockwell Automation FactoryTalk Services Platform (FTSP) CPR9, CPR9-SR1, CPR9-SR2, CPR9-SR3, CPR9-SR4, CPR9-S…