7
CVEs
1
Critical
6
High
0
KEV
0
PoC
7
Unpatched C/H
0.0%
Patch Rate
0.2%
Avg EPSS
Severity Breakdown
CRITICAL
1
HIGH
6
MEDIUM
0
LOW
0
Monthly CVE Trend
Affected Products (30)
Arena
38
Thinmanager
13
Micrologix 1100 Firmware
12
Armorstart St 281E Firmware
10
Factorytalk View
10
Armorstart St 284Ee Firmware
10
Compactlogix 5380 Firmware
8
Factorytalk Services Platform
8
Micrologix 1400 Firmware
8
Controllogix 5580 Firmware
7
Guardlogix 5580 Firmware
7
Compactlogix 5480 Firmware
7
Compact Guardlogix 5380 Firmware
7
1763 L16Bbb Series B
6
1763 L16Bbb Series A
6
1763 L16Dwd Series B
6
Micrologix 1400 A Firmware
6
1763 L16Awa Series A
6
1763 L16Bwa Series A
6
1763 L16Bwa Series B
6
1763 L16Awa Series B
6
Micrologix 1400 B Firmware
6
1763 L16Dwd Series A
6
1766 L32Awaa Series A
5
1766 L32Bxb Series A
5
Factorytalk Policy Manager
5
1766 L32Awaa Series B
5
1766 L32Bxb Series B
5
1766 L32Bwaa Series A
5
Thinmanager Thinserver
5
Top Risky CVEs
| CVE | Summary | Severity | CVSS | EPSS | Priority | Signals |
|---|---|---|---|---|---|---|
| CVE-2026-11917 | Arbitrary file write in Rockwell Automation FactoryTalk ThinManager allows an authenticated attacker to abuse a path traversal flaw in the software's API, saving files outside the application's intended directory into restricted system locations. Because CWE-22 file-write primitives on a Windows-based OT management server commonly enable code execution or service disruption, this carries an integrity and availability impact (CVSS 4.0 base 7.2). There is no public exploit identified at time of analysis and the flaw is not listed in CISA KEV. | HIGH | 7.2 | 0.3% | 36 |
No patch
|
| CVE-2025-7025 | A memory abuse issue exists in the Rockwell Automation Arena® Simulation. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available. | HIGH | 8.4 | 0.0% | – |
No patch
|
| CVE-2025-7032 | A memory abuse issue exists in the Rockwell Automation Arena® Simulation. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available. | HIGH | 8.4 | 0.0% | – |
No patch
|
| CVE-2025-7033 | A memory abuse issue exists in the Rockwell Automation Arena® Simulation. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available. | HIGH | 8.4 | 0.0% | – |
No patch
|
| CVE-2025-7353 | A security issue exists due to the web-based debugger agent enabled on Rockwell Automation ControlLogix® Ethernet Modules. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available. | CRITICAL | 9.3 | 0.6% | – |
No patch
|
| CVE-2025-9065 | A server-side request forgery security issue exists within Rockwell Automation ThinManager® software due to the lack of input sanitization. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available. | HIGH | 8.6 | 0.0% | – |
No patch
|
| CVE-2025-11918 | Rockwell Automation Arena® suffers from a stack-based buffer overflow vulnerability. Rated high severity (CVSS 7.1), this vulnerability is no authentication required. No vendor patch available. | HIGH | 7.1 | 0.0% | – |
No patch
|