Rockwellautomation

Micrologix 1400 Firmware

11 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.1

CVE-2022-46670

  • EPSS 0.02%
  • Veröffentlicht 16.12.2022 21:15:09
  • Zuletzt bearbeitet 21.11.2024 07:30:52

Rockwell Automation was made aware of a vulnerability by a security researcher from Georgia Institute of Technology that the MicroLogix 1100 and 1400 controllers contain a vulnerability that may give an attacker the ability to accomplish remote code...

7.5

CVE-2022-3166

  • EPSS 0.21%
  • Veröffentlicht 16.12.2022 20:15:08
  • Zuletzt bearbeitet 21.11.2024 07:18:57

Rockwell Automation was made aware that the webservers of the Micrologix 1100 and 1400 controllers contain a vulnerability that may lead to a denial-of-service condition. The security vulnerability could be exploited by an attacker with network acce...

6.5

CVE-2022-2179

  • EPSS 0.82%
  • Veröffentlicht 20.07.2022 16:15:09
  • Zuletzt bearbeitet 21.11.2024 07:00:29

The X-Frame-Options header in Rockwell Automation MicroLogix 1100/1400 Versions 21.007 and prior is not configured in the HTTP response, which could allow clickjacking attacks.

7.5

CVE-2021-32926

  • EPSS 0.1%
  • Veröffentlicht 03.06.2021 13:15:07
  • Zuletzt bearbeitet 21.11.2024 06:07:56

When an authenticated password change request takes place, this vulnerability could allow the attacker to intercept the message that includes the legitimate, new password hash and replace it with an illegitimate hash. The user would no longer be able...

8.6

CVE-2021-22659

  • EPSS 0.69%
  • Veröffentlicht 25.03.2021 16:15:14
  • Zuletzt bearbeitet 21.11.2024 05:50:25

Rockwell Automation MicroLogix 1400 Version 21.6 and below may allow a remote unauthenticated attacker to send a specially crafted Modbus packet allowing the attacker to retrieve or modify random values in the register. If successfully exploited, thi...

8.6

CVE-2018-17924

  • EPSS 0.12%
  • Veröffentlicht 07.12.2018 14:29:00
  • Zuletzt bearbeitet 21.11.2024 03:55:13

Rockwell Automation MicroLogix 1400 Controllers and 1756 ControlLogix Communications Modules An unauthenticated, remote threat actor could send a CIP connection request to an affected device, and upon successful connection, send a new IP configuratio...

7.8

CVE-2015-6492

  • EPSS 9.57%
  • Veröffentlicht 28.10.2015 10:59:14
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Allen-Bradley MicroLogix 1100 devices before B FRN 15.000 and 1400 devices before B FRN 15.003 allow remote attackers to cause a denial of service (memory corruption and device crash) via a crafted HTTP request.

4

CVE-2015-6491

  • EPSS 0.44%
  • Veröffentlicht 28.10.2015 10:59:13
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Allen-Bradley MicroLogix 1100 devices before B FRN 15.000 and 1400 devices before B FRN 15.003 allow remote authenticated users to insert the content of an arbitrary file into a FRAME element via unspecified vectors.

10

CVE-2015-6490

  • EPSS 0.92%
  • Veröffentlicht 28.10.2015 10:59:12
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Stack-based buffer overflow on Allen-Bradley MicroLogix 1100 devices before B FRN 15.000 and 1400 devices through B FRN 15.003 allows remote attackers to execute arbitrary code via unspecified vectors.

6.5

CVE-2015-6486

  • EPSS 0.05%
  • Veröffentlicht 28.10.2015 10:59:11
  • Zuletzt bearbeitet 12.04.2025 10:46:40

SQL injection vulnerability on Allen-Bradley MicroLogix 1100 devices before B FRN 15.000 and 1400 devices before B FRN 15.003 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.