CVE-2020-12033

In Rockwell Automation FactoryTalk Services Platform, all versions, the redundancy host service RdcyHost.exe does not validate supplied identifiers, which could allow an unauthenticated, adjacent attacker to execute remote COM objects with elevated privileges...

EUVD-2020-4349

Malware in sbrugna...

EUVD-2021-19681

Malware in sbrugna...

EUVD-2020-6652

Malware in sbrugna...

EUVD-2023-50514

Malicious code in bioql PyPI...

The vulnerability of the Redundancy Host Service (RdcyHost.exe) of the FactoryTalk Services Platform allows a attacker to increase their privileges and execute arbitrary code.

The vulnerability of the Redundancy Host Service RdcyHost.exe component of the FactoryTalk Services Platform is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to increase their privileges and execute arbitrary code...

The vulnerability of the FactoryTalk Services Platform, related to buffer overflows in dynamic memory, can lead to service failures.

The vulnerability of the FactoryTalk Services Platform lies in the overflow of memory buffer in dynamic memory. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

CVE-2020-14516

In Rockwell Automation FactoryTalk Services Platform Versions 6.10.00 and 6.11.00, there is an issue with the implementation of the SHA-256 hashing algorithm with FactoryTalk Services Platform that prevents the user password from being hashed properly...

Rockwell FactoryTalk Services Platform < 6.40 Authentication Bypass

The version of Rockwell FactoryTalk Services Platform installed on the remote Windows host is prior to 6.40. It is, therefore, affected by a vulnerability. - A vulnerability exists in Rockwell Automation FactoryTalk® Service Platform that allows a malicious user to obtain the service token and u...

Rockwell Automation FactoryTalk Services Platform Authorization Issue Vulnerability

Rockwell Automation FactoryTalk Services Platform is a suite of services platforms from Rockwell Automation that provides routine services for applications such as diagnostic information, health monitoring and real-time data access. A security vulnerability exists in Rockwell Automation FactoryTa...

CVE-2023-46290

Due to inadequate code logic, a previously unauthenticated threat actor could potentially obtain a local Windows OS user token through the FactoryTalk® Services Platform web service and then use the token to log in into FactoryTalk® Services Platform . This vulnerability can only be exploited if...

CVE-2023-46290

Due to inadequate code logic, a previously unauthenticated threat actor could potentially obtain a local Windows OS user token through the FactoryTalk® Services Platform web service and then use the token to log in into FactoryTalk® Services Platform . This vulnerability can only be exploited if...

CVE-2023-46290 Rockwell Automation FactoryTalk Services Platform Elevated Privileges Vulnerability

Due to inadequate code logic, a previously unauthenticated threat actor could potentially obtain a local Windows OS user token through the FactoryTalk® Services Platform web service and then use the token to log in into FactoryTalk® Services Platform . This vulnerability can only be exploited if...

CVE-2023-46290 Rockwell Automation FactoryTalk Services Platform Elevated Privileges Vulnerability

Due to inadequate code logic, a previously unauthenticated threat actor could potentially obtain a local Windows OS user token through the FactoryTalk® Services Platform web service and then use the token to log in into FactoryTalk® Services Platform . This vulnerability can only be exploited if...

Rockwell Automation FactoryTalk Services Platform 授权问题漏洞

Rockwell Automation FactoryTalk Services Platform is a suite of services platforms from Rockwell Automation that provides routine services for applications such as diagnostic information, health monitoring and real-time data access. A security vulnerability exists in Rockwell Automation FactoryTa...

Rockwell Automation FactoryTalk Services Platform

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION : Exploitable remotely Vendor : Rockwell Automation Equipment : FactoryTalk Services Platform Vulnerability : Improper Authentication 2. RISK EVALUATION Successful exploitation of this vulnerability could use a token to log into the system. 3...

Rockwell Automation FactoryTalk Services Platform

1. EXECUTIVE SUMMARY ​CVSS v3 7.3 ​ATTENTION: Exploitable remotely/low attack complexity ​Vendor: Rockwell Automation ​Equipment: FactoryTalk Services Platform ​Vulnerabilities: Use of Hard-coded Cryptographic Key, Improper Authentication, Origin Validation Error 2. RISK EVALUATION ​Successful...

Rockwell Automation FactoryTalk Services Platform 访问控制错误漏洞

Rockwell Automation FactoryTalk Services Platform is a suite of services platforms from Rockwell Automation that provides routine services for applications such as diagnostic information, health monitoring and real-time data access. A trust management issue vulnerability exists in the Rockwell...

Rockwell Automation FactoryTalk Services Platform 信任管理问题漏洞

Rockwell Automation FactoryTalk Services Platform is a suite of services platforms from Rockwell Automation, Inc. that consists of multiple products that provide applications with routine services such as diagnostic information, health monitoring, and real-time data access. A security vulnerabili...

CVE-2021-32960

Rockwell Automation FactoryTalk Services Platform v6.11 and earlier, if FactoryTalk Security is enabled and deployed contains a vulnerability that may allow a remote, authenticated attacker to bypass FactoryTalk Security policies based on the computer name. If successfully exploited, this may all...