Rockwellautomation: Security Vulnerabilities
An arbitrary code execution vulnerability contained in Rockwell Automation's Arena Simulation software was reported that could potentially allow a malicious user to commit unauthorized arbitrary code to the software by using a memory buffer overflow in the heap.
potentially resulting in a complete loss of confidentiality, integrity, and availability.
CVSS Score
7.8
EPSS Score
0.004
Published
2023-05-09
An arbitrary code execution vulnerability contained in Rockwell Automation's Arena Simulation software was reported that could potentially allow a malicious user to commit unauthorized arbitrary code to the software by using a memory buffer overflow in the heap.
potentially resulting in a complete loss of confidentiality, integrity, and availability.
CVSS Score
7.8
EPSS Score
0.0
Published
2023-05-09
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kepware KEPServerEX 6.11.718.0. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of text encoding conversions. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-18411.
CVSS Score
9.8
EPSS Score
0.006
Published
2023-03-29
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kepware KEPServerEX 6.11.718.0. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of text encoding conversions. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-16486.
CVSS Score
9.1
EPSS Score
0.003
Published
2023-03-29
In affected versions, a heap-based buffer over-read condition occurs when the message field indicates more data than is present in the message field
in Rockwell Automation's ThinManager ThinServer. An unauthenticated remote attacker can exploit this vulnerability to crash ThinServer.exe due to a read access violation.
CVSS Score
7.5
EPSS Score
0.26
Published
2023-03-22
In affected versions, a path traversal exists when processing a message in Rockwell Automation's ThinManager ThinServer. An unauthenticated remote attacker could potentially exploit this vulnerability to upload arbitrary files to any directory on the disk drive where ThinServer.exe is installed. The attacker could overwrite existing executable files with attacker-controlled, malicious contents, potentially causing remote code execution.
CVSS Score
9.8
EPSS Score
0.536
Published
2023-03-22
In affected versions, path traversal exists when processing a message of type 8
in Rockwell Automation's ThinManager ThinServer.
An unauthenticated remote attacker can exploit this vulnerability to download arbitrary files on the disk drive where ThinServer.exe is installed.
CVSS Score
7.5
EPSS Score
0.646
Published
2023-03-22
Rockwell Automation Modbus TCP Server AOI prior to 2.04.00 is vulnerable to an unauthorized user sending a malformed message that could cause the controller to respond with a copy of the most recent response to the last valid request. If exploited, an unauthorized user could read the connected device’s Modbus TCP Server AOI information.
CVSS Score
5.3
EPSS Score
0.0
Published
2023-03-17
The affected products are vulnerable to an integer
overflow or wraparound, which could allow an attacker to crash the server and remotely
execute arbitrary code.
CVSS Score
9.8
EPSS Score
0.001
Published
2023-02-23
The affected products are vulnerable to an improper validation of array index, which could allow an attacker to crash the server and remotely execute arbitrary code.
CVSS Score
9.8
EPSS Score
0.016
Published
2023-02-23