Lucene search

[email protected]NVD:CVE-2023-2638

HistoryJun 13, 2023 - 9:15 p.m.

CVE-2023-2638

2023-06-1321:15:09

CWE-287

[email protected]

web.nvd.nist.gov

rockwell automation

factorytalk system services

backup archive

password protection

improper authorization

malicious configuration archives

local user

restore procedure

5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N

6.1 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.1%

JSON

Rockwell Automation’s FactoryTalk System Services does not verify that a backup configuration archive is password protected.

Improper authorization in FTSSBackupRestore.exe may lead to the loading of malicious configuration archives. This vulnerability may allow a local, authenticated non-admin user to craft a malicious backup archive, without password protection, that will be loaded by FactoryTalk System Services as a valid backup when a restore procedure takes places. User interaction is required for this vulnerability to be successfully exploited.

Affected configurations

NVD

Node

rockwellautomationfactorytalk_policy_managerMatch6.11.0

rockwellautomationfactorytalk_system_servicesMatch6.11.0

References

rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1139683

5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N

6.1 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.1%

JSON

Related for NVD:CVE-2023-2638

cve1 prion1 cvelist1 ics1