11 matches found
Rockwell Automation FactoryTalk Policy Manager
RISK EVALUATION Successful exploitation of this vulnerability could lead to resource exhaustion and denial of service. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure for all...
EUVD-2024-47439
Malicious code in bioql PyPI...
The vulnerability of the FactoryTalk Policy Manager software in managing production processes, related to deficiencies in key storage for read-only rights, allows a perpetrator to gain access to protected information.
The vulnerability of the FactoryTalk Policy Manager software-related to deficiencies in key storage with read permissions. Exploiting this vulnerability could allow an attacker to gain access to protected information...
CVE-2024-6325
The v6.40 release of Rockwell Automation FactoryTalk® Policy Manager CVE-2021-22681 https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.PN1550.html and CVE-2022-1161 https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.PN1585.html by...
CVE-2024-6325
CVE-2024-6325 affects Rockwell Automation FactoryTalk System Services and Policy Manager (v6.40). The root cause is improper privilege management that exposes private keys used for certificates/PSKs, enabling a malicious user with machine access to impersonate resources on the secured network. Th...
PT-2024-8934 · Rockwell Automation · Factorytalk System Services +1
Name of the Vulnerable Software and Affected Versions: FactoryTalk Policy Manager affected versions not specified FactoryTalk System Services affected versions not specified Description: The issue is related to insufficient private key storage permissions in the software, potentially allowing an...
The vulnerability of the FactoryTalk Policy Manager and FactoryTalk System Services software, related to the use of a hard-coded cryptographic key, allows attackers to escalate their privileges.
The vulnerability of the FactoryTalk Policy Manager and FactoryTalk System Services software lies in the use of a strictly encrypted cryptographic key. Exploiting this vulnerability could allow attackers to enhance their privileges...
The vulnerabilities of the FactoryTalk Policy Manager and FactoryTalk System Services software allow attackers to disclose protected information.
The vulnerabilities of the FactoryTalk Policy Manager and FactoryTalk System Services software are related to deficiencies in the data source verification mechanism. Exploitation of these vulnerabilities can allow attackers to disclose protected information...
The vulnerability of the executable file FTSSBackupRestore.exe of the FactoryTalk Policy Manager and FactoryTalk System Services software allows a perpetrator to upload malicious configuration files.
The vulnerability of the executable file FTSSBackupRestore.exe from the manufacturing process management software FactoryTalk Policy Manager and the FactoryTalk System Services system service is related to deficiencies in the authentication process. Exploiting this vulnerability could allow...
CVE-2023-2637
Rockwell Automation's FactoryTalk System Services uses a hard-coded cryptographic key to generate administrator cookies. Hard-coded cryptographic key may lead to privilege escalation. This vulnerability may allow a local, authenticated non-admin user to generate an invalid administrator cookie...
CVE-2023-2637 Rockwell Automation FactoryTalk System Services Vulnerable To Use Of Hard-Coded Cryptographic Key
Rockwell Automation's FactoryTalk System Services uses a hard-coded cryptographic key to generate administrator cookies. Hard-coded cryptographic key may lead to privilege escalation. This vulnerability may allow a local, authenticated non-admin user to generate an invalid administrator cookie...