It has come to our attention that vulnerabilities have been reported in the following products. We encourage you to contact us immediately to address alerts and advisories as they are discovered. Our cybersecurity experts specialize in identifying operational technology vulnerabilities and can implement proactive security controls against malicious attacks, keeping your system performance top-of-mind. Our team will update this archive on a routine basis as new information about major vulnerabilities is publicly released.
Page last updated: 10/20/2022
PN1596
Logix Controllers Vulnerable to Denial-of-Service Attack (Updated June 17, 2022)
PN1586
Logix Designer Application May Allow Unauthorized Controller Code Injection (Updated May 09, 2022)
PN1585
Logix Controllers May Allow for Unauthorized Code Injection (Updated May 09, 2022)
PN1569
FactoryTalk Security Remote Desktop Connection ‘Computer Name’ Policy Bypass Vulnerability
PN1565
Connected Components Workbench Vulnerable to Multiple Phishing-Style Attacks
PN1551
1734-AENTR Series B and Series C Contains Multiple Web Vulnerabilities
PN1554
CompactLogix 5370 and ControlLogix 5570 Controllers Vulnerable to Denial of Service Conditions due to Improper Input Validation
PN1534
Stratix 5700 HTTP Session Management Weakness
PN1531
1794-AENT Flex I/O Series B Contains Multiple Denial-of-Service Vulnerabilities (Updated February 02, 2021)
PN1510
FactoryTalk View SE Contains Multiple Vulnerabilities Found During Pwn2Own Competition (Updated August 18, 2020)
SSA-557541
Denial-of-Service Vulnerability in SIMATIC S7-400 CPUs
SSA-941426
Multiple LLDP Vulnerabilities in Industrial Products
SSA-844562
Multiple Vulnerabilities in Licensing Software for WinCC OA
SSA-840188
Multiple Vulnerabilities in SIMATIC WinCC Affecting Other SIMATIC Software Products
SSA-538778
SmartVNC Vulnerabilities in SIMATIC HMI/WinCC Products
SSA-705517
Remote Code Execution Vulnerability in SIMATIC WinCC and SIMATIC PCS 7
SSA-679335
Multiple Vulnerabilities in Embedded FTP Server of SIMATIC CP Modules
SSA-113131
Denial of Service Vulnerabilities in SIMATIC S7-400 CPUs
SSB-439005
Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP
SSA-307392
Denial of Service in OPC UA in Industrial Products
CVE-2022-1264
Ignition may allow an attacker with access to the Ignition web configuration to run arbitrary code