Skip to main content

Compactlogix 5370 L1 Firmware

4 CVEs product

Monthly

CVE-2022-1161 CRITICAL Act Now

An attacker with the ability to modify a user program may change user program code on some ControlLogix, CompactLogix, and GuardLogix Control systems. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Compactlogix 1768 L43 Firmware Compactlogix 1768 L45 Firmware Compactlogix 1769 L31 Firmware Compactlogix 1769 L32C Firmware +20
NVD
CVSS 3.1
9.8
EPSS
5.0%
CVE-2019-10952 CRITICAL Act Now

An attacker could send a crafted HTTP/HTTPS request to render the web server unavailable and/or lead to remote code execution caused by a stack-based buffer overflow vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service RCE Buffer Overflow Compactlogix 5370 L1 Firmware Compactlogix 5370 L2 Firmware +2
NVD
CVSS 3.1
9.8
EPSS
10.0%
CVE-2019-10954 HIGH This Week

An attacker could send crafted SMTP packets to cause a denial-of-service condition where the controller enters a major non-recoverable faulted state (MNRF) in CompactLogix 5370 L1, L2, and L3. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Compactlogix 5370 L1 Firmware Compactlogix 5370 L2 Firmware Compactlogix 5370 L3 Firmware +2
NVD
CVSS 3.1
7.5
EPSS
6.1%
CVE-2019-10955 MEDIUM This Month

In Rockwell Automation MicroLogix 1400 Controllers Series A, All Versions Series B, v15.002 and earlier, MicroLogix 1100 Controllers v14.00 and earlier, CompactLogix 5370 L1 controllers v30.014 and. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Rockwell Micrologix 1400 A Firmware Micrologix 1400 B Firmware Micrologix 1100 Firmware +3
NVD VulDB
CVSS 3.1
6.1
EPSS
3.0%
EPSS 5% CVSS 9.8
CRITICAL Act Now

An attacker with the ability to modify a user program may change user program code on some ControlLogix, CompactLogix, and GuardLogix Control systems. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Compactlogix 1768 L43 Firmware Compactlogix 1768 L45 Firmware +22
NVD
EPSS 10% CVSS 9.8
CRITICAL Act Now

An attacker could send a crafted HTTP/HTTPS request to render the web server unavailable and/or lead to remote code execution caused by a stack-based buffer overflow vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service RCE Buffer Overflow +4
NVD
EPSS 6% CVSS 7.5
HIGH This Week

An attacker could send crafted SMTP packets to cause a denial-of-service condition where the controller enters a major non-recoverable faulted state (MNRF) in CompactLogix 5370 L1, L2, and L3. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Compactlogix 5370 L1 Firmware +4
NVD
EPSS 3% CVSS 6.1
MEDIUM This Month

In Rockwell Automation MicroLogix 1400 Controllers Series A, All Versions Series B, v15.002 and earlier, MicroLogix 1100 Controllers v14.00 and earlier, CompactLogix 5370 L1 controllers v30.014 and. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Rockwell Micrologix 1400 A Firmware +5
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy