Rockwell Automation FactoryTalk Services Platform

🗓️ 26 Oct 2023 06:00:00Reported by Industrial Control Systems Cyber Emergency Response TeamType

ics🔗 www.cisa.gov👁 42 Views

Vulnerability in Rockwell Automation FactoryTalk Services Platform, Improper Authentication: Exploitable remotely to obtain a local Windows OS user token

Reporter	Title	Published	Views	Family All 12
Circl	CVE-2023-46290	27 Oct 202322:17	–	circl
CNNVD	Rockwell Automation FactoryTalk Services Platform 授权问题漏洞	27 Oct 202300:00	–	cnnvd
CNVD	Rockwell Automation FactoryTalk Services Platform Authorization Issue Vulnerability	30 Oct 202300:00	–	cnvd
CVE	CVE-2023-46290	27 Oct 202318:10	–	cve
Cvelist	CVE-2023-46290 Rockwell Automation FactoryTalk Services Platform Elevated Privileges Vulnerability	27 Oct 202318:10	–	cvelist
EUVD	EUVD-2023-50514	3 Oct 202520:07	–	euvd
NVD	CVE-2023-46290	27 Oct 202319:15	–	nvd
Prion	Code injection	27 Oct 202319:15	–	prion
Positive Technologies	PT-2023-7571 · Rockwell Automation · Factorytalk Services Platform	27 Oct 202300:00	–	ptsecurity
Tenable Nessus	Rockwell FactoryTalk Services Platform 2.74 Authentication Bypass	20 Jan 202400:00	–	nessus

Source	Link
raw	www.raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2023/icsa-23-299-06.json
cisa	www.cisa.gov/news-events/ics-advisories/icsa-23-299-06
cisa	www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01
cisa	www.cisa.gov/resources-tools/resources/ics-recommended-practices
cisa	www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf
cisa	www.cisa.gov/topics/industrial-control-systems
us-cert	www.us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf
cisa	www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B

26 Oct 2023 06:00Current

8.3High risk

Vulners AI Score8.3

CVSS 3.18.1

EPSS0.0016

SSVC