Good old buffer overflow
CISA has issued an advisory on a Rockwell Automation MicroLogix 1400 buffer overflow vulnerability
KLCERT-17-029: Authentication bypass in Rockwell Automation Logix controllers
A remote unauthenticated attacker able to bypass a verification mechanism and authenticate with Logix controllers and PLC emulator of RSLogix 5000 or Studio 5000 Logix Designer Software.
DoS vulnerability in Allen-Bradley CompactLogix and Compact GuardLogix controllers
Remote attackers could cause a denial-of-service condition in Allen-Bradley CompactLogix and Compact GuardLogix controllers by exploiting a vulnerability in these devices
Serious vulnerability in RSLinx Classic and FactoryTalk Linx Gateway by Rockwell Automation
A serious vulnerability has been identified in Rockwell Automation solutions for industrial networks RSLinx Classic and FactoryTalk Linx Gateway
Vulnerabilities in Rockwell Automation industrial networking solutions
Critical vulnerabilities have been identified in several Rockwell Automation industrial networking devices. The issue is due to Cisco IOS or IOS XE versions with multiple vulnerabilities being used in these devices
New vulnerabilities in Allen Bradley MicroLogix 1400 PLCs
Serious vulnerabilities have been closed in Allen Bradley MicroLogix 1400 PLC series. Exploitation of these vulnerabilities could lead to unauthorized modification of PLC configuration and cause the devices to enter a denial-of-service condition
Vulnerability in Industrial Control software and quality of the patch management
Kaspersky Lab ICS-CERT is launching a series of articles devoted to vulnerability analysis across the world. The articles aim to highlight patch management problems in the ICS world. Each article will focus on one popular ICS vendor and known vulnerabilities according to the MITRE Common Vulnerabilities and Exposures (CVE) database.