Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Rockwell Automation — Vulnerabilities & Security Advisories 259

Browse all 259 CVE security advisories affecting Rockwell Automation. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Rockwell Automation specializes in industrial automation and information integration, providing critical control systems for manufacturing and process industries. Its software portfolio, including FactoryTalk and PlantPAx, manages complex operational technology environments, making it a high-value target for threat actors seeking to disrupt industrial infrastructure. Historical vulnerability data reveals a prevalence of remote code execution, cross-site scripting, and privilege escalation flaws, often stemming from legacy components or insufficient input validation in web-based interfaces. Notable incidents include the 2018 discovery of backdoors in FactoryTalk View SE, which allowed unauthorized access to industrial control systems. These vulnerabilities highlight the persistent risk of insecure default configurations and unpatched legacy systems within industrial networks. The sheer volume of recorded CVEs underscores the complexity of securing interconnected OT/IT environments, where updates must balance operational continuity with rigorous security hygiene to prevent catastrophic physical or data breaches.

Top products by Rockwell Automation: Arena® Arena Simulation ArmorStart ST ArmorStart® LT FactoryTalk AssetCentre 1756-ENBT, 1756-EWEB, 1768-ENBT, 1768-EWEB communication modules ThinManager ThinServer FactoryTalk View SE ThinManager® ThinServer™ ISaGRAF Runtime RSLinx Classic Pavilion8® ControlLogix® 5580 FactoryTalk® View SE Verve Asset Manager Arena® Simulation RSLinx Enterprise Software FactoryTalk Updater FactoryTalk View Machine Edition ThinManager PM1k 1408-BC3A-485 FactoryTalk® AssetCentre FactoryTalk System Services Comms - 1783-NATR FactoryTalk® DataMosaix™ Private Cloud ISaGRAF Workbench Connected Components Workbench CompactLogix 5380 controllers Micro820®, Micro850®, Micro870® FactoryTalk® Service Platform
CVE IDTitleCVSSSeverityPublished
CVE-2024-7513 Rockwell Automation FactoryTalk® View Site Edition Code Execution Vulnerability via File Permissions — FactoryTalk View Site EditionCWE-732 7.8AIHighAI2024-08-14
CVE-2024-6078 Rockwell Automation Authentication Bypass Vulnerability in DataMosaix™ — DataMosaix™CWE-287 9.1AICriticalAI2024-08-14
CVE-2024-7515 Rockwell Automation ControlLogix/GuardLogix 5580 and CompactLogix/Compact GuardLogix® 5380 Controller Denial-of-Service Vulnerability via Input Validation — CompactLogix 5380 (5069-L3z)CWE-20 7.5AIHighAI2024-08-14
CVE-2024-7507 Rockwell Automation ControlLogix/GuardLogix 5580 and CompactLogix/Compact GuardLogix® 5380 Controller Denial-of-Service Vulnerability via Input Validation — CompactLogix 5380 (5069 – L3z)CWE-20 7.5AIHighAI2024-08-14
CVE-2024-7567 Rockwell Automation Micro850/870 Vulnerable to denial-of-service Vulnerability via CIP/Modbus Port — PLC - Micro850/870 (2080 -L50E/2080 -L70E)CWE-400 7.5AIHighAI2024-08-13
CVE-2024-6079 DLL Hijacking Vulnerability Exists in Rockwell Automation Emulate3D™ — Emulate3D™CWE-610 7.8AIHighAI2024-08-13
CVE-2024-6242 Rockwell Automation Chassis Restrictions Bypass Vulnerability in Select Logix Devices — ControlLogix® 5580 (1756-L8z)CWE-420 9.8AICriticalAI2024-08-01
CVE-2024-6089 Rockwell Automation Major nonrecoverable fault in 5015 – AENFTXT — 5015 - AENFTXTCWE-20 9.1AICriticalAI2024-07-16
CVE-2024-6326 Rockwell Automation Unsecured Private Keys in FactoryTalk® System Services — FactoryTalk® System Services (installed via FTPM)CWE-269 8.1AIHighAI2024-07-16
CVE-2024-6325 Rockwell Automation Unsecured Private Keys in FactoryTalk® System Services — FactoryTalk® System Services (installed via FTPM)CWE-269 9.8AICriticalAI2024-07-16
CVE-2024-6435 Rockwell Automation Privilege Escalation Vulnerability in Pavilion8® — Pavilion8®CWE-732 7.1AIHighAI2024-07-16
CVE-2024-5990 ThinManager® ThinServer™ Improper Input Validation Vulnerability — ThinManager® ThinServer™CWE-20 7.5AIHighAI2024-06-25
CVE-2024-5989 Rockwell Automation ThinManager® ThinServer™ Improper Input Validation Vulnerability — ThinManager® ThinServer™CWE-20 9.8AICriticalAI2024-06-25
CVE-2024-5988 Rockwell Automation ThinManager® ThinServer™ Improper Input Validation Vulnerability — ThinManager® ThinServer™CWE-20 9.8AICriticalAI2024-06-25
CVE-2024-37369 Rockwell Automation FactoryTalk® View SE Local Privilege Escalation Vulnerability via Local File Permissions — FactoryTalk® View SECWE-732 8.8AIHighAI2024-06-14
CVE-2024-5659 Rockwell Automation Multicast Request Causes major nonrecoverable fault on Select Controllers — ControlLogix® 5580CWE-670 6.5AIMediumAI2024-06-14
CVE-2024-37368 Rockwell Automation FactoryTalk® View SE v11 Information Leakage Vulnerability via Authentication Restriction — FactoryTalk® View SECWE-287 5.3AIMediumAI2024-06-14
CVE-2024-37367 Rockwell Automation FactoryTalk® View SE v12 Information Leakage Vulnerability via Authentication Restriction — FactoryTalk® View SECWE-287 5.3AIMediumAI2024-06-14
CVE-2024-3640 Rockwell Automation FactoryTalk® Remote Access™ has Unquoted Executables — FactoryTalk® Remote Access™CWE-428 7.2AIHighAI2024-05-16
CVE-2024-4609 Rockwell Automation Datalog Function within in FactoryTalk® View SE contains SQL Injection Vulnerability — FactoryTalk® View SECWE-20 9.8AICriticalAI2024-05-16
CVE-2024-3493 Rockwell Automation ControlLogix and GaurdLogix Vulnerable to Major Nonrecoverable Fault Due to Invalid Header Value — ControlLogix 5580CWE-20 8.6 High2024-04-15
CVE-2024-2929 Rockwell Automation Arena Simulation Vulnerable To Memory Corruption — Arena SimulationCWE-119 7.8 High2024-03-26
CVE-2024-21920 Rockwell Automation Arena Simulation Vulnerable To Buffer Overflow — Arena SimulationCWE-125 4.4 Medium2024-03-26
CVE-2024-21919 Rockwell Automation Arena Simulation Vulnerable To Uninitialized Pointer — Arena SimulationCWE-824 7.8 High2024-03-26
CVE-2024-21918 Rockwell Automation Arena Simulation Vulnerable To Memory Corruption — Arena SimulationCWE-416 7.8 High2024-03-26
CVE-2024-21913 Rockwell Automation Arena Simulation Vulnerable To Memory Corruption — Arena SimulationCWE-122 7.8 High2024-03-26
CVE-2024-21912 Rockwell Automation Arena Simulation vulnerable to out of bounds write — Arena SimulationCWE-787 7.8 High2024-03-26
CVE-2024-21914 Rockwell Automation - FactoryTalk® View ME on PanelView™ Plus 7 Boot Terminal lack Security Protections — FactoryTalk® View ME 5.3 Medium2024-03-25
CVE-2024-21915 Rockwell Automation FactoryTalk® Service Platform Elevated Privileges Vulnerability Through Web Service Functionality — FactoryTalk® Service PlatformCWE-732 9.0 Critical2024-02-16
CVE-2024-21916 Rockwell Automation Denial-of-service Vulnerability in ICE1 Controller — ControlLogix® 5570CWE-119 8.6 High2024-01-31

This page lists every published CVE security advisory associated with Rockwell Automation. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.