Rockwell Automation — Vulnerabilities & Security Advisories (259)

Browse all 259 CVE security advisories affecting Rockwell Automation. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Rockwell Automation specializes in industrial automation and information integration, providing critical control systems for manufacturing and process industries. Its software portfolio, including FactoryTalk and PlantPAx, manages complex operational technology environments, making it a high-value target for threat actors seeking to disrupt industrial infrastructure. Historical vulnerability data reveals a prevalence of remote code execution, cross-site scripting, and privilege escalation flaws, often stemming from legacy components or insufficient input validation in web-based interfaces. Notable incidents include the 2018 discovery of backdoors in FactoryTalk View SE, which allowed unauthorized access to industrial control systems. These vulnerabilities highlight the persistent risk of insecure default configurations and unpatched legacy systems within industrial networks. The sheer volume of recorded CVEs underscores the complexity of securing interconnected OT/IT environments, where updates must balance operational continuity with rigorous security hygiene to prevent catastrophic physical or data breaches.

| CVE ID | Title | Product | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|---|
| CVE-2024-21917 | Rockwell Automation FactoryTalk® Service Platform Service Token Vulnerability | FactoryTalk® Service Platform | CWE-347 | 9.8 | Critical | 2024-01-31 |
| CVE-2023-27858 | Rockwell Automation Arena® Simulation Uninitialized Pointer Vulnerability | Arena Simulation | CWE-824 | 7.8 | High | 2023-10-27 |
| CVE-2023-27854 | Rockwell Automation Arena® Simulation Out of Bounds Read Vulnerability | Arena Simulation | CWE-125 | 7.8 | High | 2023-10-27 |
| CVE-2023-46289 | Rockwell Automation FactoryTalk® View Site Edition Vulnerable to Improper Input Validation | FactoryTalk® View Site Edition | CWE-20 | 7.5 | High | 2023-10-27 |
| CVE-2023-46290 | Rockwell Automation FactoryTalk Services Platform Elevated Privileges Vulnerability | FactoryTalk® Services Platform | CWE-287 | 8.1 | High | 2023-10-27 |
| CVE-2023-29464 | Rockwell Automation FactoryTalk Linx Vulnerable to Denial-of-Service and Information Disclosure | FactoryTalk Linx | CWE-20 | 8.2 | High | 2023-10-13 |
| CVE-2023-2262 | Rockwell Automation Select Logix Communication Modules Vulnerable to Email Object Buffer Overflow | 1756-EN2T Series A, B, C | CWE-121 | 9.8 | Critical | 2023-09-20 |
| CVE-2023-29463 | Pavilion8 Security Misconfiguration Vulnerability | Pavilion8 | CWE-287 | 8.8 | High | 2023-09-12 |
| CVE-2023-2071 | FactoryTalk View Machine Edition Vulnerable to Remote Code Execution | Fa | CWE-20 | 9.8 | Critical | 2023-09-12 |
| CVE-2023-2917 | Rockwell Automation ThinManager Thinserver Software Vulnerable to Input Validation Vulnerability | ThinManager ThinServer | CWE-20 | 9.8 | Critical | 2023-08-17 |
| CVE-2023-2915 | Rockwell Automation ThinManager Thinserver Software Vulnerable to Input Validation Vulnerability | ThinManager ThinServer | CWE-20 | 7.5 | High | 2023-08-17 |
| CVE-2023-2914 | Rockwell Automation ThinManager Thinserver Software Vulnerable to Input Validation Vulnerability | ThinManager ThinServer | CWE-20 | 7.5 | High | 2023-08-17 |
| CVE-2023-2423 | Rockwell Automation Armor PowerFlex Vulnerable to Denial-Of-Service | Armor PowerFlex | CWE-682 | 8.6 | High | 2023-08-08 |
| CVE-2023-2913 | Rockwell Automation ThinManager ThinServer Path Traversal Vulnerability | ThinManager ThinServer | CWE-23 | 7.5 | High | 2023-07-18 |
| CVE-2023-2263 | Rockwell Automation Kinetix 5700 DC Bus Power Supply Series A – CIP Message Attack Could Cause Denial-Of-Service | Kinetix 5700 DC Bus Power Supply Series A | CWE-400 | 7.5 | High | 2023-07-18 |
| CVE-2023-3596 | Rockwell Automation Allen-Bradley ControlLogix Communication Modules vulnerable to Denial of Service | 1756-EN4TR Series A | CWE-787 | 7.5 | High | 2023-07-12 |
| CVE-2023-3595 | Rockwell Automation ControlLogix Communication Modules Vulnerable to Remote Code Execution | 1756-EN2T Series A, B, C | CWE-787 | 9.8 | Critical | 2023-07-12 |
| CVE-2023-2746 | Rockwell Automation Enhanced HIM Vulnerable to Cross-Site Request Forgery Attack | Enhanced HIM | CWE-352 | 9.6 | Critical | 2023-07-11 |
| CVE-2023-2072 | Rockwell Automation PowerMonitor 1000 Cross-Site Scripting Vulnerability | PowerMonitor 1000 | CWE-787 | 8.8 | High | 2023-07-11 |
| CVE-2023-2778 | Rockwell Automation FactoryTalk Transaction Manager Vulnerable to Denial-Of-Service | FactoryTalk Transaction Manager | CWE-400 | 7.5 | High | 2023-06-13 |
| CVE-2023-2639 | Rockwell Automation FactoryTalk System Services Vulnerable to Sensitive Information Disclosure | FactoryTalk System Services | CWE-346 | 4.1 | Medium | 2023-06-13 |
| CVE-2023-2638 | Rockwell Automation FactoryTalk System Services Vulnerable to a Denial-of-Service Attack | FactoryTalk System Services | CWE-287 | 5.9 | Medium | 2023-06-13 |
| CVE-2023-2637 | Rockwell Automation FactoryTalk System Services Vulnerable To Use Of Hard-Coded Cryptographic Key | FactoryTalk System Services | CWE-321 | 7.3 | High | 2023-06-13 |
| CVE-2023-2444 | Rockwell Automation FactoryTalk Vantagepoint Cross-Site Request Forgery Vulnerability | FactoryTalk Vantagepoint | | 7.1 | High | 2023-05-11 |
| CVE-2023-2443 | Rockwell Automation ThinManager Cryptographic Issue Vulnerability | ThinManager | | 7.5 | High | 2023-05-11 |
| CVE-2023-1834 | Rockwell Automation Kinetix 5500 Vulnerable to Open Port Exploitation | Kinetix 5500 EtherNet/IP Servo Drive | CWE-284 | 9.4 | Critical | 2023-05-11 |
| CVE-2023-29022 | Rockwell Automation ArmorStart ST Vulnerable to Cross-Site Scripting Attack | ArmorStart ST | CWE-79 | 4.7 | Medium | 2023-05-11 |
| CVE-2023-29029 | Rockwell Automation ArmorStart ST Vulnerable to Cross-Site Scripting Attack | ArmorStart ST | CWE-79 | 4.7 | Medium | 2023-05-11 |
| CVE-2023-29028 | Rockwell Automation ArmorStart ST Vulnerable to Cross-Site Scripting Attack | ArmorStart ST | CWE-79 | 4.7 | Medium | 2023-05-11 |
| CVE-2023-29027 | Rockwell Automation ArmorStart ST Vulnerable to Cross-Site Scripting Attack | ArmorStart ST | CWE-79 | 4.7 | Medium | 2023-05-11 |

This page lists every published CVE security advisory associated with Rockwell Automation. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.