CVE-2022-38744

2022-10-2714:15:10

CWE-287

[email protected]

web.nvd.nist.gov

cve-2022-38744

unauthenticated attacker

network access

rockwell automation

factorytalk

alarm

events

service fault

xml

nvd

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.001 Low

EPSS

Percentile

26.0%

JSON

An unauthenticated attacker with network access to a victim’s Rockwell Automation FactoryTalk Alarm and
Events service could open a connection, causing the service to fault and become unavailable. The affected port
could be used as a server ping port and uses messages structured with XML.

Affected configurations

NVD

Node

rockwellautomationfactorytalk_alarms_and_eventsMatch-

CPENameOperatorVersion
rockwellautomation:factorytalk_alarms_and_eventsrockwellautomation factorytalk alarms and eventseq-

CPE	Name	Operator	Version
rockwellautomation:factorytalk_alarms_and_events	rockwellautomation factorytalk alarms and events	eq	-

CNA Affected

[
  {
    "defaultStatus": "affected",
    "product": "FactoryTalk Alarm and Events Server",
    "vendor": "Rockwell Automation",
    "versions": [
      {
        "status": "affected",
        "version": "All"
      }
    ]
  }
]