Automation Security Vulnerabilities Archive

It has come to our attention that vulnerabilities have been reported in the following products. We encourage you to contact us immediately to address alerts and advisories as they are discovered. Our cybersecurity experts specialize in identifying operational technology vulnerabilities and can implement proactive security controls against malicious attacks, keeping your system performance top-of-mind. Our team will update this archive on a routine basis as new information about major vulnerabilities is publicly released.

Page last updated: 10/20/2022

Allen Bradley / Rockwell Automation

PN1596
Logix Controllers Vulnerable to Denial-of-Service Attack (Updated June 17, 2022)

PN1586
Logix Designer Application May Allow Unauthorized Controller Code Injection (Updated May 09, 2022)

PN1585
Logix Controllers May Allow for Unauthorized Code Injection (Updated May 09, 2022)

PN1569
FactoryTalk Security Remote Desktop Connection ‘Computer Name’ Policy Bypass Vulnerability

PN1565
Connected Components Workbench Vulnerable to Multiple Phishing-Style Attacks

PN1551
1734-AENTR Series B and Series C Contains Multiple Web Vulnerabilities

PN1554
CompactLogix 5370 and ControlLogix 5570 Controllers Vulnerable to Denial of Service Conditions due to Improper Input Validation

PN1534
Stratix 5700 HTTP Session Management Weakness

PN1531
1794-AENT Flex I/O Series B Contains Multiple Denial-of-Service Vulnerabilities (Updated February 02, 2021)

PN1510
FactoryTalk View SE Contains Multiple Vulnerabilities Found During Pwn2Own Competition (Updated August 18, 2020)

Siemens

SSA-557541
Denial-of-Service Vulnerability in SIMATIC S7-400 CPUs

SSA-941426
Multiple LLDP Vulnerabilities in Industrial Products

SSA-844562
Multiple Vulnerabilities in Licensing Software for WinCC OA

SSA-840188
Multiple Vulnerabilities in SIMATIC WinCC Affecting Other SIMATIC Software Products

SSA-538778
SmartVNC Vulnerabilities in SIMATIC HMI/WinCC Products

SSA-705517
Remote Code Execution Vulnerability in SIMATIC WinCC and SIMATIC PCS 7

SSA-679335
Multiple Vulnerabilities in Embedded FTP Server of SIMATIC CP Modules

SSA-113131
Denial of Service Vulnerabilities in SIMATIC S7-400 CPUs

SSB-439005
Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP

SSA-307392
Denial of Service in OPC UA in Industrial Products

Ignition / Inductive Automation

CVE-2022-1264
Ignition may allow an attacker with access to the Ignition web configuration to run arbitrary code

Need support addressing a security alert or advisory?

Call us toll-free at (844) 200-8800

This is not an exhaustive list of alerts or advisories and therefore should not be used as such. All information included in https://www.automationgroup.com/automation-security-vulnerabilities-archive is provided “as is” for informational purposes only. It is the responsibility of the user to evaluate the accuracy, completeness, or usefulness of any information, advice, or other content. In no event shall Automation Group be liable for any damages arising out of, resulting from, or in any way connected with, this information. Each user is solely responsible for any consequences of their direct or indirect use of this information.