Skip to main content

Rockwell

24 CVEs vendor

Monthly

CVE-2025-11918 HIGH This Month

Rockwell Automation Arena® suffers from a stack-based buffer overflow vulnerability. Rated high severity (CVSS 7.1), this vulnerability is no authentication required. No vendor patch available.

RCE Buffer Overflow Stack Overflow Arena Rockwell
NVD
CVSS 4.0
7.1
EPSS
0.0%
CVE-2025-9065 HIGH This Month

A server-side request forgery security issue exists within Rockwell Automation ThinManager® software due to the lack of input sanitization. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SSRF Rockwell Thinmanager
NVD
CVSS 4.0
8.6
EPSS
0.0%
CVE-2025-7353 CRITICAL This Week

A security issue exists due to the web-based debugger agent enabled on Rockwell Automation ControlLogix® Ethernet Modules. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Rockwell
NVD
CVSS 4.0
9.3
EPSS
0.6%
CVE-2025-7033 HIGH This Month

A memory abuse issue exists in the Rockwell Automation Arena® Simulation. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow Arena Rockwell
NVD
CVSS 4.0
8.4
EPSS
0.0%
CVE-2025-7032 HIGH This Month

A memory abuse issue exists in the Rockwell Automation Arena® Simulation. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Arena Rockwell
NVD
CVSS 4.0
8.4
EPSS
0.0%
CVE-2025-7025 HIGH This Month

A memory abuse issue exists in the Rockwell Automation Arena® Simulation. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow Arena Rockwell
NVD
CVSS 4.0
8.4
EPSS
0.0%
CVE-2025-3618 HIGH This Week

A denial-of-service vulnerability exists in the Rockwell Automation ThinManager. Rated high severity (CVSS 8.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Rockwell Thinmanager
NVD
CVSS 4.0
8.5
EPSS
0.1%
CVE-2025-3617 HIGH This Week

A privilege escalation vulnerability exists in the Rockwell Automation ThinManager. Rated high severity (CVSS 8.5), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Rockwell Thinmanager
NVD
CVSS 4.0
8.5
EPSS
0.0%
CVE-2025-3289 HIGH This Week

A local code execution vulnerability exists in the Rockwell Automation Arena® due to a stack-based memory buffer overflow. Rated high severity (CVSS 8.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Memory Corruption Arena Rockwell
NVD
CVSS 4.0
8.5
EPSS
0.1%
CVE-2025-3288 HIGH This Week

A local code execution vulnerability exists in the Rockwell Automation Arena® due to a threat actor being able to read outside of the allocated memory buffer. Rated high severity (CVSS 8.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Information Disclosure Arena Rockwell
NVD
CVSS 4.0
8.5
EPSS
0.1%
CVE-2025-3287 HIGH This Week

A local code execution vulnerability exists in the Rockwell Automation Arena® due to a stack-based memory buffer overflow. Rated high severity (CVSS 8.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Information Disclosure Arena Rockwell
NVD
CVSS 4.0
8.5
EPSS
0.1%
CVE-2025-3286 HIGH This Week

A local code execution vulnerability exists in the Rockwell Automation Arena® due to a threat actor being able to read outside of the allocated memory buffer. Rated high severity (CVSS 8.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Information Disclosure Arena Rockwell
NVD
CVSS 4.0
8.5
EPSS
0.1%
CVE-2025-3285 HIGH This Week

A local code execution vulnerability exists in the Rockwell Automation Arena® due to a threat actor being able to read outside of the allocated memory buffer. Rated high severity (CVSS 8.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Information Disclosure Arena Rockwell
NVD
CVSS 4.0
8.5
EPSS
0.1%
CVE-2025-2829 HIGH This Week

A local code execution vulnerability exists in the Rockwell Automation Arena® due to a threat actor being able to write outside of the allocated memory buffer. Rated high severity (CVSS 8.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Memory Corruption Arena Rockwell
NVD
CVSS 4.0
8.5
EPSS
0.1%
CVE-2025-2293 HIGH This Week

A local code execution vulnerability exists in the Rockwell Automation Arena® due to a threat actor being able to write outside of the allocated memory buffer. Rated high severity (CVSS 8.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Memory Corruption Arena Rockwell
NVD
CVSS 4.0
8.5
EPSS
0.1%
CVE-2025-2288 HIGH This Week

A local code execution vulnerability exists in the Rockwell Automation Arena® due to a threat actor being able to write outside of the allocated memory buffer. Rated high severity (CVSS 8.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Memory Corruption Arena Rockwell
NVD
CVSS 4.0
8.5
EPSS
0.1%
CVE-2025-2287 HIGH This Week

A local code execution vulnerability exists in the Rockwell Automation Arena® due to an uninitialized pointer. Rated high severity (CVSS 8.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Arena Rockwell
NVD
CVSS 4.0
8.5
EPSS
0.1%
CVE-2025-2286 HIGH This Month

A local code execution vulnerability exists in the Rockwell Automation Arena® due to an uninitialized pointer. Rated high severity (CVSS 8.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Arena Rockwell
NVD
CVSS 4.0
8.5
EPSS
0.1%
CVE-2025-2285 HIGH This Week

A local code execution vulnerability exists in the Rockwell Automation Arena® due to an uninitialized pointer. Rated high severity (CVSS 8.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Arena Rockwell
NVD
CVSS 4.0
8.5
EPSS
0.1%
CVE-2025-1449 HIGH This Week

A vulnerability exists in the Rockwell Automation Verve Asset Manager due to insufficient variable sanitizing. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Rockwell
NVD
CVSS 4.0
7.5
EPSS
0.4%
CVE-2025-0498 HIGH This Month

A data exposure vulnerability exists in all versions prior to V15.00.001 of Rockwell Automation FactoryTalk® AssetCentre. Rated high severity (CVSS 7.0), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Rockwell Factorytalk Assetcentre
NVD
CVSS 4.0
7.0
EPSS
0.2%
CVE-2025-0497 HIGH This Month

A data exposure vulnerability exists in all versions prior to V15.00.001 of Rockwell Automation FactoryTalk® AssetCentre. Rated high severity (CVSS 7.3). No vendor patch available.

Information Disclosure Rockwell Factorytalk Assetcentre
NVD
CVSS 4.0
7.3
EPSS
0.1%
CVE-2025-0477 CRITICAL This Week

An encryption vulnerability exists in all versions prior to V15.00.001 of Rockwell Automation FactoryTalk® AssetCentre. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Rockwell Factorytalk Assetcentre
NVD
CVSS 4.0
9.3
EPSS
1.5%
CVE-2025-0659 HIGH This Month

A path traversal vulnerability exists in the Rockwell Automation DataEdge Platform DataMosaix Private Cloud. Rated high severity (CVSS 7.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Rockwell
NVD
CVSS 4.0
7.0
EPSS
0.1%
EPSS 0% CVSS 7.1
HIGH This Month

Rockwell Automation Arena® suffers from a stack-based buffer overflow vulnerability. Rated high severity (CVSS 7.1), this vulnerability is no authentication required. No vendor patch available.

RCE Buffer Overflow Stack Overflow +2
NVD
EPSS 0% CVSS 8.6
HIGH This Month

A server-side request forgery security issue exists within Rockwell Automation ThinManager® software due to the lack of input sanitization. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SSRF Rockwell Thinmanager
NVD
EPSS 1% CVSS 9.3
CRITICAL This Week

A security issue exists due to the web-based debugger agent enabled on Rockwell Automation ControlLogix® Ethernet Modules. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Rockwell
NVD
EPSS 0% CVSS 8.4
HIGH This Month

A memory abuse issue exists in the Rockwell Automation Arena® Simulation. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow Arena +1
NVD
EPSS 0% CVSS 8.4
HIGH This Month

A memory abuse issue exists in the Rockwell Automation Arena® Simulation. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Arena +1
NVD
EPSS 0% CVSS 8.4
HIGH This Month

A memory abuse issue exists in the Rockwell Automation Arena® Simulation. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow Arena +1
NVD
EPSS 0% CVSS 8.5
HIGH This Week

A denial-of-service vulnerability exists in the Rockwell Automation ThinManager. Rated high severity (CVSS 8.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Rockwell Thinmanager
NVD
EPSS 0% CVSS 8.5
HIGH This Week

A privilege escalation vulnerability exists in the Rockwell Automation ThinManager. Rated high severity (CVSS 8.5), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Rockwell Thinmanager
NVD
EPSS 0% CVSS 8.5
HIGH This Week

A local code execution vulnerability exists in the Rockwell Automation Arena® due to a stack-based memory buffer overflow. Rated high severity (CVSS 8.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Memory Corruption +2
NVD
EPSS 0% CVSS 8.5
HIGH This Week

A local code execution vulnerability exists in the Rockwell Automation Arena® due to a threat actor being able to read outside of the allocated memory buffer. Rated high severity (CVSS 8.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Information Disclosure +2
NVD
EPSS 0% CVSS 8.5
HIGH This Week

A local code execution vulnerability exists in the Rockwell Automation Arena® due to a stack-based memory buffer overflow. Rated high severity (CVSS 8.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Information Disclosure +2
NVD
EPSS 0% CVSS 8.5
HIGH This Week

A local code execution vulnerability exists in the Rockwell Automation Arena® due to a threat actor being able to read outside of the allocated memory buffer. Rated high severity (CVSS 8.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Information Disclosure +2
NVD
EPSS 0% CVSS 8.5
HIGH This Week

A local code execution vulnerability exists in the Rockwell Automation Arena® due to a threat actor being able to read outside of the allocated memory buffer. Rated high severity (CVSS 8.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Information Disclosure +2
NVD
EPSS 0% CVSS 8.5
HIGH This Week

A local code execution vulnerability exists in the Rockwell Automation Arena® due to a threat actor being able to write outside of the allocated memory buffer. Rated high severity (CVSS 8.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Memory Corruption +2
NVD
EPSS 0% CVSS 8.5
HIGH This Week

A local code execution vulnerability exists in the Rockwell Automation Arena® due to a threat actor being able to write outside of the allocated memory buffer. Rated high severity (CVSS 8.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Memory Corruption +2
NVD
EPSS 0% CVSS 8.5
HIGH This Week

A local code execution vulnerability exists in the Rockwell Automation Arena® due to a threat actor being able to write outside of the allocated memory buffer. Rated high severity (CVSS 8.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Memory Corruption +2
NVD
EPSS 0% CVSS 8.5
HIGH This Week

A local code execution vulnerability exists in the Rockwell Automation Arena® due to an uninitialized pointer. Rated high severity (CVSS 8.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Arena Rockwell
NVD
EPSS 0% CVSS 8.5
HIGH This Month

A local code execution vulnerability exists in the Rockwell Automation Arena® due to an uninitialized pointer. Rated high severity (CVSS 8.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Arena Rockwell
NVD
EPSS 0% CVSS 8.5
HIGH This Week

A local code execution vulnerability exists in the Rockwell Automation Arena® due to an uninitialized pointer. Rated high severity (CVSS 8.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Arena Rockwell
NVD
EPSS 0% CVSS 7.5
HIGH This Week

A vulnerability exists in the Rockwell Automation Verve Asset Manager due to insufficient variable sanitizing. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Rockwell
NVD
EPSS 0% CVSS 7.0
HIGH This Month

A data exposure vulnerability exists in all versions prior to V15.00.001 of Rockwell Automation FactoryTalk® AssetCentre. Rated high severity (CVSS 7.0), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Rockwell Factorytalk Assetcentre
NVD
EPSS 0% CVSS 7.3
HIGH This Month

A data exposure vulnerability exists in all versions prior to V15.00.001 of Rockwell Automation FactoryTalk® AssetCentre. Rated high severity (CVSS 7.3). No vendor patch available.

Information Disclosure Rockwell Factorytalk Assetcentre
NVD
EPSS 2% CVSS 9.3
CRITICAL This Week

An encryption vulnerability exists in all versions prior to V15.00.001 of Rockwell Automation FactoryTalk® AssetCentre. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Rockwell Factorytalk Assetcentre
NVD
EPSS 0% CVSS 7.0
HIGH This Month

A path traversal vulnerability exists in the Rockwell Automation DataEdge Platform DataMosaix Private Cloud. Rated high severity (CVSS 7.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Rockwell
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy