Rockwell Automation has released an update to address an improper authentication vulnerability in its FactoryTalk Services Platform, according to an advisory published by CISA.

Successful exploitation of this remotely exploitable vulnerability, which Rockwell self-reported, could allow an attacker to use a token to log in to the system.

Rockwell Automation reports the following products suffer from the issue: FactoryTalk Services Platform, v2.74.

In the vulnerability, due to inadequate code logic, a previously unauthenticated threat actor could potentially obtain a local Windows OS user token through the FactoryTalk Services Platform web service and then use that token to log in to FactoryTalk Services Platform. The vulnerability can only be exploited if the authorized user has not previously logged in to the FactoryTalk Services Platform web service.

CVE-2023-46290 is the identifier assigned to the vulnerability, which has a CVSS v3.1 base score of 8.1.


The product sees use mainly in the critical manufacturing sector, and on a global basis.

This vulnerability has a high attack complexity.

Rockwell Automation encourages users of the affected software to update to V2.80 or later where possible. Additionally, it encourages customers to implement its recommended security best practices to minimize the risk posed by the vulnerability.
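As an added example (not code from Rockwell, CISA or ISSSource), the following Python helper turns the advisory's version guidance into an inventory check: it parses version strings as they tend to appear in asset lists ("V2.74", "2.80.00") and flags any FactoryTalk Services Platform install below the 2.80 fixed release as needing the update. The hostnames and versions in the sample inventory are constructed for illustration; the only facts taken from the advisory are that v2.74 is affected and that V2.80 or later is the recommended target.

```python
from typing import List, Tuple

# Taken from the advisory: v2.74 is the reported affected release,
# and the vendor recommends updating to V2.80 or later.
AFFECTED_VERSION = "2.74"
FIXED_VERSION = "2.80"


def parse_version(version: str) -> Tuple[int, ...]:
    """Turn 'V2.80' or '2.74.00' into a tuple of ints so releases compare numerically."""
    cleaned = version.strip().lstrip("vV")
    if not cleaned:
        raise ValueError(f"empty version string: {version!r}")
    parts = []
    for piece in cleaned.split("."):
        if not piece.isdigit():
            raise ValueError(f"non-numeric version component in {version!r}")
        parts.append(int(piece))
    return tuple(parts)


def version_at_least(version: str, minimum: str) -> bool:
    """Compare two version strings, padding with zeros so '2.80' equals '2.80.00'."""
    a, b = parse_version(version), parse_version(minimum)
    width = max(len(a), len(b))
    a += (0,) * (width - len(a))
    b += (0,) * (width - len(b))
    return a >= b


def needs_update(version: str) -> bool:
    """True when the installed release is below the vendor's fixed version (2.80)."""
    return not version_at_least(version, FIXED_VERSION)


# Constructed sample inventory: hostnames and versions are made up for this example.
SAMPLE_INVENTORY: List[Tuple[str, str]] = [
    ("hmi-01", "V2.74"),
    ("hmi-02", "2.80"),
    ("eng-ws-03", "2.81.00"),
    ("hmi-04", "2.74.00"),
]


def hosts_needing_update(inventory: List[Tuple[str, str]]) -> List[str]:
    """Return the hosts whose FactoryTalk Services Platform version is below 2.80."""
    return [host for host, ver in inventory if needs_update(ver)]


if __name__ == "__main__":
    for host in hosts_needing_update(SAMPLE_INVENTORY):
        print(f"{host}: update FactoryTalk Services Platform to V{FIXED_VERSION} or later")
```

The zero-padding in `version_at_least` matters in practice: asset databases often record "2.80.00" for the same build that the advisory calls V2.80, and a naive tuple comparison would wrongly rank "2.80" below "2.80.00".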

ISSSource
