CVE-2024-21917 – Rockwell Automation FactoryTalk® Service Platform Service Token Vulnerability
https://notcve.org/view.php?id=CVE-2024-21917
A vulnerability exists in Rockwell Automation FactoryTalk® Service Platform that allows a malicious user to obtain the service token and use it for authentication on another FTSP directory. This is due to the lack of digital signing between the FTSP service token and directory. If exploited, a malicious user could potentially retrieve user information and modify settings without any authentication. Existe una vulnerabilidad en Rockwell Automation FactoryTalk® Service Platform que permite a un usuario malintencionado obtener el token de servicio y usarlo para autenticación en otro directorio FTSP. Esto se debe a la falta de firma digital entre el token del servicio FTSP y el directorio. • https://www.rockwellautomation.com/en-us/support/advisory.SD1660.html • CWE-347: Improper Verification of Cryptographic Signature •
CVE-2023-46289 – Rockwell Automation FactoryTalk® View Site Edition Vulnerable to Improper Input Validation
https://notcve.org/view.php?id=CVE-2023-46289
Rockwell Automation FactoryTalk View Site Edition insufficiently validates user input, which could potentially allow threat actors to send malicious data bringing the product offline. If exploited, the product would become unavailable and require a restart to recover resulting in a denial-of-service condition. Rockwell Automation FactoryTalk View Site Edition no valida suficientemente la entrada del usuario, lo que podría permitir que los actores de amenazas envíen datos maliciosos y desconecten el producto. Si se explota, el producto dejaría de estar disponible y requeriría un reinicio para recuperarse, lo que provocaría una condición de Denegación de Servicio (DoS). • https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1141167 • CWE-20: Improper Input Validation •
CVE-2023-46290 – Rockwell Automation FactoryTalk Services Platform Elevated Privileges Vulnerability
https://notcve.org/view.php?id=CVE-2023-46290
Due to inadequate code logic, a previously unauthenticated threat actor could potentially obtain a local Windows OS user token through the FactoryTalk® Services Platform web service and then use the token to log in into FactoryTalk® Services Platform . This vulnerability can only be exploited if the authorized user did not previously log in into the FactoryTalk® Services Platform web service. Debido a una lógica de código inadecuada, un actor de amenazas no autenticado previamente podría obtener un token de usuario del sistema operativo Windows local a través del servicio web FactoryTalk® Services Platform y luego usar el token para iniciar sesión en FactoryTalk® Services Platform. Esta vulnerabilidad solo se puede aprovechar si el usuario autorizado no inició sesión previamente en el servicio web FactoryTalk® Services Platform. • https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1141165 • CWE-287: Improper Authentication •
CVE-2023-29464 – Rockwell Automation FactoryTalk Linx Vulnerable to Denial-of-Service and Information Disclosure
https://notcve.org/view.php?id=CVE-2023-29464
FactoryTalk Linx, in the Rockwell Automation PanelView Plus, allows an unauthenticated threat actor to read data from memory via crafted malicious packets. Sending a size larger than the buffer size results in leakage of data from memory resulting in an information disclosure. If the size is large enough, it causes communications over the common industrial protocol to become unresponsive to any type of packet, resulting in a denial-of-service to FactoryTalk Linx over the common industrial protocol. FactoryTalk Linx, en Rockwell Automation PanelView Plus, permite que un actor de amenazas no autenticado lea datos de la memoria a través de paquetes maliciosos manipulados. Enviar un tamaño mayor que el tamaño del búfer da como resultado una fuga de datos de la memoria, lo que resulta en una divulgación de información. • https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1141040 • CWE-20: Improper Input Validation CWE-787: Out-of-bounds Write •
CVE-2023-2071 – FactoryTalk View Machine Edition Vulnerable to Remote Code Execution
https://notcve.org/view.php?id=CVE-2023-2071
Rockwell Automation FactoryTalk View Machine Edition on the PanelView Plus, improperly verifies user’s input, which allows unauthenticated attacker to achieve remote code executed via crafted malicious packets. The device has the functionality, through a CIP class, to execute exported functions from libraries. There is a routine that restricts it to execute specific functions from two dynamic link library files. By using a CIP class, an attacker can upload a self-made library to the device which allows the attacker to bypass the security check and execute any code written in the function. Rockwell Automation FactoryTalk View Machine Edition en PanelView Plus verifica incorrectamente la entrada del usuario, lo que permite a un atacante no autenticado lograr la ejecución remota de código a través de paquetes maliciosos manipulados. • https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1140724 • CWE-20: Improper Input Validation CWE-434: Unrestricted Upload of File with Dangerous Type •