Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Rockwell Automation — Vulnerabilities & Security Advisories 259

Browse all 259 CVE security advisories affecting Rockwell Automation. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Rockwell Automation specializes in industrial automation and information integration, providing critical control systems for manufacturing and process industries. Its software portfolio, including FactoryTalk and PlantPAx, manages complex operational technology environments, making it a high-value target for threat actors seeking to disrupt industrial infrastructure. Historical vulnerability data reveals a prevalence of remote code execution, cross-site scripting, and privilege escalation flaws, often stemming from legacy components or insufficient input validation in web-based interfaces. Notable incidents include the 2018 discovery of backdoors in FactoryTalk View SE, which allowed unauthorized access to industrial control systems. These vulnerabilities highlight the persistent risk of insecure default configurations and unpatched legacy systems within industrial networks. The sheer volume of recorded CVEs underscores the complexity of securing interconnected OT/IT environments, where updates must balance operational continuity with rigorous security hygiene to prevent catastrophic physical or data breaches.

Top products by Rockwell Automation: Arena® Arena Simulation ArmorStart ST ArmorStart® LT FactoryTalk AssetCentre 1756-ENBT, 1756-EWEB, 1768-ENBT, 1768-EWEB communication modules ThinManager ThinServer FactoryTalk View SE ThinManager® ThinServer™ ISaGRAF Runtime RSLinx Classic Pavilion8® ControlLogix® 5580 FactoryTalk® View SE Verve Asset Manager Arena® Simulation RSLinx Enterprise Software FactoryTalk Updater FactoryTalk View Machine Edition ThinManager PM1k 1408-BC3A-485 FactoryTalk® AssetCentre FactoryTalk System Services Comms - 1783-NATR FactoryTalk® DataMosaix™ Private Cloud ISaGRAF Workbench Connected Components Workbench CompactLogix 5380 controllers Micro820®, Micro850®, Micro870® FactoryTalk® Service Platform
CVE IDTitleCVSSSeverityPublished
CVE-2025-9283 ArmorStart® LT - Multiple Denial-of-Service Vulnerabilities — ArmorStart® LTCWE-400 7.5AIHighAI2026-01-20
CVE-2025-9282 ArmorStart® LT - Multiple Denial-of-Service Vulnerabilities — ArmorStart® LTCWE-400 7.5AIHighAI2026-01-20
CVE-2025-9281 ArmorStart® LT - Multiple Denial-of-Service Vulnerabilities — ArmorStart® LTCWE-400 7.5AIHighAI2026-01-20
CVE-2025-9280 ArmorStart® LT - Multiple Denial-of-Service Vulnerabilities — ArmorStart® LTCWE-400 7.5AIHighAI2026-01-20
CVE-2025-14027 Rockwell Automation Recommends Upgrading From 1756-RM2 XT To 1756-RM3 XT — ControlLogix® Redundancy Enhanced ModuleCWE-401 7.5AIHighAI2026-01-20
CVE-2025-9279 ArmorStart® LT - Multiple Denial-of-Service Vulnerabilities — ArmorStart® LTCWE-400 7.5AIHighAI2026-01-20
CVE-2025-9278 ArmorStart® LT - Multiple Denial-of-Service Vulnerabilities — ArmorStart® LTCWE-400 6.5AIMediumAI2026-01-20
CVE-2025-9466 ArmorStart® LT - Multiple Denial-of-Service Vulnerabilities — ArmorStart® LTCWE-400 7.5AIHighAI2026-01-20
CVE-2025-11743 Rockwell Automation CompactLogix® 5370 Denial of Service Vulnerability — CompactLogix® 5370CWE-1284 7.5AIHighAI2026-01-20
CVE-2025-9465 ArmorStart® LT - Multiple Denial-of-Service Vulnerabilities — ArmorStart® LTCWE-400 7.5AIHighAI2026-01-20
CVE-2025-9464 Rockwell Automation ArmorStart® LT - Multiple Denial-of-Service Vulnerabilities — ArmorStart® LTCWE-400 7.5AIHighAI2026-01-20
CVE-2025-14377 Verve Asset Manager – Plaintext Storage Vulnerabilities — Verve Asset ManagerCWE-312 5.5AIMediumAI2026-01-20
CVE-2025-14376 Verve Asset Manager – Plaintext Storage Vulnerabilities — Verve Asset ManagerCWE-922 6.5AIMediumAI2026-01-20
CVE-2025-13824 Micro820®, Micro850®, Micro870® – Specialized Fuzzing Vulnerabilities — Micro820®, Micro850®, Micro870®CWE-763 7.5AIHighAI2025-12-15
CVE-2025-13823 Micro820®, Micro850®, Micro870® – Specialized Fuzzing Vulnerabilities — Micro820®, Micro850®, Micro870®CWE-1395 7.5AIHighAI2025-12-15
CVE-2025-9368 432ES-IG3 Series A Denial-of-Service Vulnerability — 432ES-IG3 Series ACWE-770 7.5AIHighAI2025-12-09
CVE-2025-12807 FactoryTalk® DataMosaix™ Private Cloud SQL Injection — FactoryTalk® DataMosaix™ Private CloudCWE-89 8.8AIHighAI2025-12-09
CVE-2025-11918 Rockwell Automation Arena® Simulation Stack-Based Buffer Overflow Vulnerability — Arena® SimulationCWE-121 7.3 -2025-11-14
CVE-2025-11697 Studio 5000 ® Simulation Interface Local Code Execution — Studio 5000 ® Simulation InterfaceCWE-200 7.8 -2025-11-11
CVE-2025-11696 Studio 5000 ® Simulation Interface SSRF — Studio 5000® Simulation Interface™CWE-22 6.5 -2025-11-11
CVE-2025-11862 Verve Asset Manager Access Control Vulnerability — Verve Asset ManagerCWE-863 8.8 -2025-11-11
CVE-2025-11085 FactoryTalk® DataMosaix™ Private Cloud – Persistent XSS — FactoryTalk® DataMosaix™ Private CloudCWE-116 6.1 -2025-11-11
CVE-2025-11084 FactoryTalk® DataMosaix™ Private Cloud – Authentication Bypass — FactoryTalk® DataMosaix™ Private CloudCWE-1390 7.4 -2025-11-11
CVE-2025-9178 Rockwell Automation 1715 EtherNet/IP Comms Module Denial-Of-Service Vulnerability — 1715-AENTR EtherNet/IP AdapterCWE-787 7.5AIHighAI2025-10-14
CVE-2025-9177 Rockwell Automation 1715 EtherNet/IP Comms Module Denial-Of-Service Vulnerability — 1715-AENTR EtherNet/IP AdapterCWE-770 7.5AIHighAI2025-10-14
CVE-2025-7330 Rockwell Automation 1783-NATR Cross-Site Request Forgery Vulnerability — Comms - 1783-NATRCWE-352 7.1AIHighAI2025-10-14
CVE-2025-7329 Rockwell Automation Comms - 1783-NATR Stored Cross-Site Scripting Vulnerability — Comms - 1783-NATRCWE-79 5.4AIMediumAI2025-10-14
CVE-2025-7328 Rockwell Automation Comms - 1783-NATR Multiple Broken Authentication Vulnerabilities — Comms - 1783-NATRCWE-306 6.8AIMediumAI2025-10-14
CVE-2025-9067 Rockwell Automation FactoryTalk® Linx Privilege Escalation Vulnerabilities — FactoryTalk LinxCWE-269 7.8AIHighAI2025-10-14
CVE-2025-9124 Rockwell Automation Compact GuardLogix® 5370 Denial-Of-Service Vulnerability — Compact GuardLogix® 5370CWE-248 7.5AIHighAI2025-10-14

This page lists every published CVE security advisory associated with Rockwell Automation. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.