CVE-2022-38744 – FactoryTalk Alarm and Events Server Vulnerable to Denial-Of-Service Attack
https://notcve.org/view.php?id=CVE-2022-38744
An unauthenticated attacker with network access to a victim's Rockwell Automation FactoryTalk Alarm and Events service could open a connection, causing the service to fault and become unavailable. The affected port could be used as a server ping port and uses messages structured with XML. Un atacante no autenticado con acceso a la red de la víctima del servicio de Eventos y Alarmas FactoryTalk de Rockwell Automation podría abrir una conexión, provocando que el servicio falle y deje de estar disponible. El puerto afectado podría utilizarse como puerto de ping del servidor y utiliza mensajes estructurados con XML. • https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1136876 • CWE-287: Improper Authentication •
CVE-2022-3158
https://notcve.org/view.php?id=CVE-2022-3158
Rockwell Automation FactoryTalk VantagePoint versions 8.0, 8.10, 8.20, 8.30, 8.31 are vulnerable to an input validation vulnerability. The FactoryTalk VantagePoint SQL Server lacks input validation when users enter SQL statements to retrieve information from the back-end database. If successfully exploited, this could allow a user with basic user privileges to perform remote code execution on the server. Rockwell Automation FactoryTalk VantagePoint versiones 8.0, 8.10, 8.20, 8.30 y 8.31, son vulnerables a una vulnerabilidad de comprobación de entrada. El servidor SQL de FactoryTalk VantagePoint carece de comprobación de entrada cuando los usuarios introducen sentencias SQL para recuperar información de la base de datos del back-end. • https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1137043 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2022-38743
https://notcve.org/view.php?id=CVE-2022-38743
Rockwell Automation FactoryTalk VantagePoint versions 8.0, 8.10, 8.20, 8.30, 8.31 are vulnerable to an improper access control vulnerability. The FactoryTalk VantagePoint SQL Server account could allow a malicious user with read-only privileges to execute SQL statements in the back-end database. If successfully exploited, this could allow the attacker to execute arbitrary code and gain access to restricted data. Rockwell Automation FactoryTalk VantagePoint versiones 8.0, 8.10, 8.20, 8.30, 8.31, son susceptibles a una vulnerabilidad de control de acceso inapropiada. La cuenta de FactoryTalk VantagePoint SQL Server podría permitir a un usuario malicioso con privilegios de sólo lectura ejecutar sentencias SQL en la base de datos del back-end. • https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1137043 • CWE-284: Improper Access Control •
CVE-2021-32960 – Rockwell Automation FactoryTalk Services Platform Protection Mechanism Failure
https://notcve.org/view.php?id=CVE-2021-32960
Rockwell Automation FactoryTalk Services Platform v6.11 and earlier, if FactoryTalk Security is enabled and deployed contains a vulnerability that may allow a remote, authenticated attacker to bypass FactoryTalk Security policies based on the computer name. If successfully exploited, this may allow an attacker to have the same privileges as if they were logged on to the client machine. Rockwell Automation FactoryTalk Services Platform versiones v6.11 y anteriores, si FactoryTalk Security está habilitado e implementado, contiene una vulnerabilidad que puede permitir a un atacante remoto y autenticado omitir las políticas de FactoryTalk Security basadas en el nombre del equipo. Si es explotado con éxito, esto puede permitir a un atacante tener los mismos privilegios que si estuviera conectado a la máquina cliente • https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1131785 https://www.cisa.gov/uscert/ics/advisories/icsa-21-161-01 • CWE-863: Incorrect Authorization •
CVE-2021-27476 – Rockwell Automation FactoryTalk AssetCentre OS Command Injection
https://notcve.org/view.php?id=CVE-2021-27476
A vulnerability exists in the SaveConfigFile function of the RACompare Service, which may allow for OS command injection. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary commands in Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier. Se presenta una vulnerabilidad en la función SaveConfigFile del servicio RACompare, que puede permitir una inyección de comandos del Sistema Operativo. Esta vulnerabilidad puede permitir a un atacante remoto no autenticado ejecutar comandos arbitrarios en Rockwell Automation FactoryTalk AssetCentre versiones v10.00 y anteriores • https://idp.rockwellautomation.com/adfs/ls/idpinitiatedsignon.aspx?RelayState=RPID%3Drockwellautomation.custhelp.com%26RelayState%3Danswers%2Fanswer_view%2Fa_id%2F1130831 https://www.cisa.gov/uscert/ics/advisories/icsa-21-091-01 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •