CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-21917 – Rockwell Automation FactoryTalk® Service Platform Service Token Vulnerability
https://notcve.org/view.php?id=CVE-2024-21917
31 Jan 2024 — A vulnerability exists in Rockwell Automation FactoryTalk® Service Platform that allows a malicious user to obtain the service token and use it for authentication on another FTSP directory. This is due to the lack of digital signing between the FTSP service token and directory. If exploited, a malicious user could potentially retrieve user information and modify settings without any authentication. Existe una vulnerabilidad en Rockwell Automation FactoryTalk® Service Platform que permite a un usuario malint... • https://www.rockwellautomation.com/en-us/support/advisory.SD1660.html • CWE-347: Improper Verification of Cryptographic Signature •
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0CVE-2023-46290 – Rockwell Automation FactoryTalk Services Platform Elevated Privileges Vulnerability
https://notcve.org/view.php?id=CVE-2023-46290
27 Oct 2023 — Due to inadequate code logic, a previously unauthenticated threat actor could potentially obtain a local Windows OS user token through the FactoryTalk® Services Platform web service and then use the token to log in into FactoryTalk® Services Platform . This vulnerability can only be exploited if the authorized user did not previously log in into the FactoryTalk® Services Platform web service. Debido a una lógica de código inadecuada, un actor de amenazas no autenticado previamente podría obtener un token de... • https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1141165 • CWE-287: Improper Authentication •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-32960 – Rockwell Automation FactoryTalk Services Platform Protection Mechanism Failure
https://notcve.org/view.php?id=CVE-2021-32960
01 Apr 2022 — Rockwell Automation FactoryTalk Services Platform v6.11 and earlier, if FactoryTalk Security is enabled and deployed contains a vulnerability that may allow a remote, authenticated attacker to bypass FactoryTalk Security policies based on the computer name. If successfully exploited, this may allow an attacker to have the same privileges as if they were logged on to the client machine. Rockwell Automation FactoryTalk Services Platform versiones v6.11 y anteriores, si FactoryTalk Security está habilitado e i... • https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1131785 • CWE-863: Incorrect Authorization •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2020-14478 – IMPROPER RESTRICTION OF XML EXTERNAL ENTITY REFERENCE CWE-611
https://notcve.org/view.php?id=CVE-2020-14478
24 Feb 2022 — A local, authenticated attacker could use an XML External Entity (XXE) attack to exploit weakly configured XML files to access local or remote content. A successful exploit could potentially cause a denial-of-service condition and allow the attacker to arbitrarily read any local file via system-level services. Un atacante local y autenticado podría usar un ataque de tipo XML External Entity (XXE) para explotar archivos XML débilmente configurados para acceder a contenido local o remoto. Un ataque exitoso po... • https://www.cisa.gov/uscert/ics/advisories/icsa-20-177-02 • CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 9.8EPSS: 0%CPEs: 20EXPL: 0CVE-2021-22681
https://notcve.org/view.php?id=CVE-2021-22681
03 Mar 2021 — Rockwell Automation Studio 5000 Logix Designer Versions 21 and later, and RSLogix 5000 Versions 16 through 20 use a key to verify Logix controllers are communicating with Rockwell Automation CompactLogix 1768, 1769, 5370, 5380, 5480: ControlLogix 5550, 5560, 5570, 5580; DriveLogix 5560, 5730, 1794-L34; Compact GuardLogix 5370, 5380; GuardLogix 5570, 5580; SoftLogix 5800. Rockwell Automation Studio 5000 Logix Designer Versions 21 and later and RSLogix 5000: Versions 16 through 20 are vulnerable because an un... • https://us-cert.cisa.gov/ics/advisories/icsa-21-056-03 • CWE-522: Insufficiently Protected Credentials •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2018-18981
https://notcve.org/view.php?id=CVE-2018-18981
24 Jan 2019 — In Rockwell Automation FactoryTalk Services Platform 2.90 and earlier, a remote unauthenticated attacker could send numerous crafted packets to service ports resulting in memory consumption that could lead to a partial or complete denial-of-service condition to the affected services. En Rockwell Automation FactoryTalk Services Platform 2.90 y anteriores, un atacante remoto no autenticado podría enviar numerosos paquetes manipulados a los puertos de servicio, lo que resulta en una corrupción de memoria que p... • http://www.securityfocus.com/bid/106279 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.3EPSS: 0%CPEs: 2EXPL: 0CVE-2014-9209
https://notcve.org/view.php?id=CVE-2014-9209
31 Mar 2015 — Untrusted search path vulnerability in the Clean Utility application in Rockwell Automation FactoryTalk Services Platform before 2.71.00 and FactoryTalk View Studio 8.00.00 and earlier allows local users to gain privileges via a Trojan horse DLL in an unspecified directory. Vulnerabilidad de ruta de búsqueda no confiable en la aplicación Clean Utility en Rockwell Automation FactoryTalk Services Platform anterior a 2.71.00 y FactoryTalk View Studio 8.00.00 y anteriores permite a usuarios locales ganar privil... • https://ics-cert.us-cert.gov/advisories/ICSA-15-062-02 •