Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Rockwell Automation — Vulnerabilities & Security Advisories 259

Browse all 259 CVE security advisories affecting Rockwell Automation. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Rockwell Automation specializes in industrial automation and information integration, providing critical control systems for manufacturing and process industries. Its software portfolio, including FactoryTalk and PlantPAx, manages complex operational technology environments, making it a high-value target for threat actors seeking to disrupt industrial infrastructure. Historical vulnerability data reveals a prevalence of remote code execution, cross-site scripting, and privilege escalation flaws, often stemming from legacy components or insufficient input validation in web-based interfaces. Notable incidents include the 2018 discovery of backdoors in FactoryTalk View SE, which allowed unauthorized access to industrial control systems. These vulnerabilities highlight the persistent risk of insecure default configurations and unpatched legacy systems within industrial networks. The sheer volume of recorded CVEs underscores the complexity of securing interconnected OT/IT environments, where updates must balance operational continuity with rigorous security hygiene to prevent catastrophic physical or data breaches.

Top products by Rockwell Automation: Arena® Arena Simulation ArmorStart ST ArmorStart® LT FactoryTalk AssetCentre 1756-ENBT, 1756-EWEB, 1768-ENBT, 1768-EWEB communication modules ThinManager ThinServer FactoryTalk View SE ThinManager® ThinServer™ ISaGRAF Runtime RSLinx Classic Pavilion8® ControlLogix® 5580 FactoryTalk® View SE Verve Asset Manager Arena® Simulation RSLinx Enterprise Software FactoryTalk Updater FactoryTalk View Machine Edition ThinManager PM1k 1408-BC3A-485 FactoryTalk® AssetCentre FactoryTalk System Services Comms - 1783-NATR FactoryTalk® DataMosaix™ Private Cloud ISaGRAF Workbench Connected Components Workbench CompactLogix 5380 controllers Micro820®, Micro850®, Micro870® FactoryTalk® Service Platform
CVE IDTitleCVSSSeverityPublished
CVE-2025-9068 Rockwell Automation FactoryTalk® Linx Privilege Escalation Vulnerabilities — FactoryTalk LinxCWE-269 7.8AIHighAI2025-10-14
CVE-2025-9064 Rockwell Automation FactoryTalk View Machine Edition Path Traversal — FactoryTalk View Machine EditionCWE-287 8.1AIHighAI2025-10-14
CVE-2025-9063 Rockwell Automation PanelView Plus 7 Performance Series B Authentication Bypass — PanelView Plus 7 Performance Series BCWE-287 9.1AICriticalAI2025-10-14
CVE-2025-9066 Rockwell Automation FactoryTalk® ViewPoint XXE to Denial-of-Service Vulnerability — FactoryTalk ViewPointCWE-20 7.5AIHighAI2025-10-14
CVE-2025-9437 Rockwell Automation ArmorStart® AOP Denial-of-Service Vulnerability — ArmorStart AOPCWE-755 7.5AIHighAI2025-10-14
CVE-2025-9161 Rockwell Automation FactoryTalk Optix Remote Code Execution Vulnerability — FactoryTalk OptixCWE-77 9.8AICriticalAI2025-09-09
CVE-2025-7350 Rockwell Automation Stratix® IOS Cross-Site Request Forgery to Code Execution Vulnerability — Stratix IOSCWE-74 9.8AICriticalAI2025-09-09
CVE-2025-9065 Rockwell Automation ThinManager® Server-Side Request Forgery Vulnerability — ThinManagerCWE-610 9.6AICriticalAI2025-09-09
CVE-2025-7970 Rockwell Automation FactoryTalk Activation Manager Lack of Encryption Vulnerability — FactoryTalk Activation ManagerCWE-306 9.1AICriticalAI2025-09-09
CVE-2025-9364 Rockwell Automation FactoryTalk® Analytics™ LogixAI® Exposed Redis DB — FactoryTalk® Analytics™ LogixAI®CWE-497 9.1AICriticalAI2025-09-09
CVE-2025-9166 Rockwell Automation ControlLogix® 5580 V35.013 Denial-Of-Service — ControlLogix® 5580CWE-476 7.5AIHighAI2025-09-09
CVE-2025-9160 Rockwell Automation CompactLogix® 5480 Code Execution Vulnerability — CompactLogix® 5480CWE-306 6.8AIMediumAI2025-09-09
CVE-2025-8007 Rockwell Automation 1756-ENT2R, EN4TR, EN4TRXT Vulnerability — 1756-ENT2R, 1756-EN4TR, 1756-EN4TRXTCWE-20 6.5AIMediumAI2025-09-09
CVE-2025-8008 Rockwell Automation 1756-ENT2R, EN4TR, EN4TRXT Vulnerability — 1756-ENT2R, 1756-EN4TR, 1756-EN4TRXTCWE-755 7.5AIHighAI2025-09-09
CVE-2025-7693 Rockwell Automation Micro800 Vulnerability — PLC - Micro850 L50ECWE-20 7.5AIHighAI2025-08-18
CVE-2025-7971 Studio 5000 Logix Designer® – Arbitrary Code Execution Vulnerability — Studio 5000 Logix Designer®CWE-20 9.8AICriticalAI2025-08-14
CVE-2025-7972 Rockwell Automation FactoryTalk® Linx Network Browser Security Bypass Vulnerability — FactoryTalk® LinxCWE-286 9.1AICriticalAI2025-08-14
CVE-2025-9042 Rockwell Automation FLEX 5000 I/O - Module Fault — FLEX 5000 I/OCWE-1287 7.5AIHighAI2025-08-14
CVE-2025-9041 Rockwell Automation FLEX 5000 I/O - Module Fault — FLEX 5000 I/OCWE-1287 7.5AIHighAI2025-08-14
CVE-2025-7973 Rockwell Automation FactoryTalk® ViewPoint Privilege Escalation Vulnerability — FactoryTalk® ViewPointCWE-268 7.8AIHighAI2025-08-14
CVE-2025-7773 Rockwell Automation ArmorBlock 5000 I/O – Web Server Vulnerabilities — 5032-CFGB16M12P5DRCWE-863 4.3AIMediumAI2025-08-14
CVE-2025-7774 Rockwell Automation ArmorBlock 5000 I/O – Web Server Vulnerabilities — 5032-CFGB16M12P5DRCWE-306 9.8AICriticalAI2025-08-14
CVE-2025-9036 Rockwell Automation FactoryTalk® Action Manager v1.0.0 Runtime Vulnerability — FactoryTalk® Action ManagerCWE-200 6.5AIMediumAI2025-08-14
CVE-2025-7353 Rockwell Automation ControlLogix® Ethernet Remote Code Execution Vulnerability — 1756-EN2T/DCWE-1188 9.8AICriticalAI2025-08-14
CVE-2025-7033 Rockwell Automation Heap-based Buffer Overflow In Arena® Simulation — Arena® SimulationCWE-122 7.8AIHighAI2025-08-05
CVE-2025-7032 Rockwell Automation Stack-based Buffer Overflow In Arena® Simulation — Arena® SimulationCWE-121 7.8AIHighAI2025-08-05
CVE-2025-7025 Rockwell Automation Heap-based Buffer Overflow In Arena® Simulation — Arena® SimulationCWE-122 7.8AIHighAI2025-08-05
CVE-2025-6376 Arena® Simulation Out-Of-Bounds Write Remote Code Execution Vulnerability — Arena®CWE-20 7.8AIHighAI2025-07-09
CVE-2025-6377 Arena® Simulation Out-Of-Bounds Write Remote Code Execution Vulnerability — Arena®CWE-20 7.8AIHighAI2025-07-09
CVE-2025-3618 Local Privilege Escalation Vulnerability — ThinManager 7.5AIHighAI2025-04-15

This page lists every published CVE security advisory associated with Rockwell Automation. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.