Lucene search
K

838 matches found

BDU FSTEC
BDU FSTEC
added 2023/07/25 12:0 a.m.4 views

The vulnerability of Rockwell Automation’s FactoryTalk Transaction Manager software, related to uncontrolled resource consumption, allows a intruder to trigger a service failure.

The vulnerability of Rockwell Automation’s FactoryTalk Transaction Manager software-related manufacturing process management systems is related to uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...

7.8CVSS7.2AI score0.01221EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/07/25 12:0 a.m.7 views

The vulnerability of the FactoryTalk Policy Manager and FactoryTalk System Services software, related to the use of a hard-coded cryptographic key, allows attackers to escalate their privileges.

The vulnerability of the FactoryTalk Policy Manager and FactoryTalk System Services software lies in the use of a strictly encrypted cryptographic key. Exploiting this vulnerability could allow attackers to enhance their privileges...

7.3CVSS7.4AI score0.00203EPSS
Exploits0References2Affected Software2
BDU FSTEC
BDU FSTEC
added 2023/07/20 12:0 a.m.9 views

The vulnerability of the executable file FTSSBackupRestore.exe of the FactoryTalk Policy Manager and FactoryTalk System Services software allows a perpetrator to upload malicious configuration files.

The vulnerability of the executable file FTSSBackupRestore.exe from the manufacturing process management software FactoryTalk Policy Manager and the FactoryTalk System Services system service is related to deficiencies in the authentication process. Exploiting this vulnerability could allow...

5.9CVSS5.8AI score0.00197EPSS
Exploits0References5Affected Software2
BDU FSTEC
BDU FSTEC
added 2023/07/20 12:0 a.m.9 views

The vulnerabilities of the FactoryTalk Policy Manager and FactoryTalk System Services software allow attackers to disclose protected information.

The vulnerabilities of the FactoryTalk Policy Manager and FactoryTalk System Services software are related to deficiencies in the data source verification mechanism. Exploitation of these vulnerabilities can allow attackers to disclose protected information...

4.1CVSS5.5AI score0.00384EPSS
Exploits0References5Affected Software2
CNVD
CNVD
added 2023/06/21 12:0 a.m.8 views

Rockwell Automation FactoryTalk Services Platform Trust Management Issue Vulnerability

Rockwell Automation FactoryTalk Services Platform is a suite of services platforms from Rockwell Automation that provides routine services for applications such as diagnostic information, health monitoring and real-time data access. A trust management issue vulnerability exists in the Rockwell...

4.7CVSS6.6AI score0.00384EPSS
Exploits0References1
CNVD
CNVD
added 2023/06/19 12:0 a.m.8 views

Rockwell Automation FactoryTalk Transaction Manager Denial of Service Vulnerability

Rockwell Automation FactoryTalk Transaction Manager is a control system for saving database data from Rockwell Automation USA. A security vulnerability exists in Rockwell Automation FactoryTalk Transaction Manager's handling of port 400 access, which can be exploited by a remote attacker to submi...

7.5CVSS7AI score0.01221EPSS
Exploits0References1
NVD
NVD
added 2023/06/13 9:15 p.m.22 views

CVE-2023-2639

The underlying feedback mechanism of Rockwell Automation's FactoryTalk System Services that transfers the FactoryTalk Policy Manager rules to relevant devices on the network does not verify that the origin of the communication is from a legitimate local client device. This may allow a threat acto...

4.7CVSS4.9AI score0.00384EPSS
Exploits0References1
NVD
NVD
added 2023/06/13 9:15 p.m.10 views

CVE-2023-2778

A denial-of-service vulnerability exists in Rockwell Automation FactoryTalk Transaction Manager. This vulnerability can be exploited by sending a modified packet to port 400. If exploited, the application could potentially crash or experience a high CPU or memory usage condition, causing...

7.5CVSS7.3AI score0.01221EPSS
Exploits0References1
OSV
OSV
added 2023/06/13 9:15 p.m.5 views

CVE-2023-2778

A denial-of-service vulnerability exists in Rockwell Automation FactoryTalk Transaction Manager. This vulnerability can be exploited by sending a modified packet to port 400. If exploited, the application could potentially crash or experience a high CPU or memory usage condition, causing...

7.5CVSS7.1AI score0.01221EPSS
Exploits0References1
OSV
OSV
added 2023/06/13 9:15 p.m.4 views

CVE-2023-2639

The underlying feedback mechanism of Rockwell Automation's FactoryTalk System Services that transfers the FactoryTalk Policy Manager rules to relevant devices on the network does not verify that the origin of the communication is from a legitimate local client device. This may allow a threat acto...

4.7CVSS5.8AI score0.00384EPSS
Exploits0References1
NVD
NVD
added 2023/06/13 9:15 p.m.22 views

CVE-2023-2637

Rockwell Automation's FactoryTalk System Services uses a hard-coded cryptographic key to generate administrator cookies. Hard-coded cryptographic key may lead to privilege escalation. This vulnerability may allow a local, authenticated non-admin user to generate an invalid administrator cookie...

8.2CVSS7.6AI score0.00203EPSS
Exploits0References1
NVD
NVD
added 2023/06/13 9:15 p.m.31 views

CVE-2023-2638

Rockwell Automation's FactoryTalk System Services does not verify that a backup configuration archive is password protected. Improper authorization in FTSSBackupRestore.exe may lead to the loading of malicious configuration archives. This vulnerability may allow a local, authenticated non-admin...

5.9CVSS6.1AI score0.00197EPSS
Exploits0References1
OSV
OSV
added 2023/06/13 9:15 p.m.2 views

CVE-2023-2637

Rockwell Automation's FactoryTalk System Services uses a hard-coded cryptographic key to generate administrator cookies. Hard-coded cryptographic key may lead to privilege escalation. This vulnerability may allow a local, authenticated non-admin user to generate an invalid administrator cookie...

8.2CVSS5.8AI score0.00203EPSS
Exploits0References1
Prion
Prion
added 2023/06/13 9:15 p.m.23 views

Authorization

Rockwell Automation's FactoryTalk System Services does not verify that a backup configuration archive is password protected. Improper authorization in FTSSBackupRestore.exe may lead to the loading of malicious configuration archives. This vulnerability may allow a local, authenticated non-admin...

1.5CVSS5.9AI score0.00197EPSS
Exploits0References1Affected Software2
Prion
Prion
added 2023/06/13 9:15 p.m.12 views

Design/Logic Flaw

A denial-of-service vulnerability exists in Rockwell Automation FactoryTalk Transaction Manager. This vulnerability can be exploited by sending a modified packet to port 400. If exploited, the application could potentially crash or experience a high CPU or memory usage condition, causing...

5CVSS7.3AI score0.01221EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2023/06/13 9:15 p.m.22 views

Design/Logic Flaw

The underlying feedback mechanism of Rockwell Automation's FactoryTalk System Services that transfers the FactoryTalk Policy Manager rules to relevant devices on the network does not verify that the origin of the communication is from a legitimate local client device. This may allow a threat acto...

4.3CVSS5.6AI score0.00384EPSS
Exploits0References1Affected Software2
Prion
Prion
added 2023/06/13 9:15 p.m.18 views

Hardcoded credentials

Rockwell Automation's FactoryTalk System Services uses a hard-coded cryptographic key to generate administrator cookies. Hard-coded cryptographic key may lead to privilege escalation. This vulnerability may allow a local, authenticated non-admin user to generate an invalid administrator cookie...

4.1CVSS8AI score0.00203EPSS
Exploits0References1Affected Software2
CVE
CVE
added 2023/06/13 8:35 p.m.48 views

CVE-2023-2778

CVE-2023-2778 affects Rockwell Automation’s FactoryTalk Transaction Manager . A denial-of-service vulnerability exists due to handling of access to port 400, allowing a remote attacker to send a modified packet that can cause the application to crash or consume excessive CPU/memory, leading to in...

7.5CVSS7.4AI score0.01221EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/06/13 8:35 p.m.12 views

CVE-2023-2778 Rockwell Automation FactoryTalk Transaction Manager Vulnerable to Denial-Of-Service

A denial-of-service vulnerability exists in Rockwell Automation FactoryTalk Transaction Manager. This vulnerability can be exploited by sending a modified packet to port 400. If exploited, the application could potentially crash or experience a high CPU or memory usage condition, causing...

7.5CVSS7.5AI score0.01221EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/06/13 8:35 p.m.8 views

CVE-2023-2778 Rockwell Automation FactoryTalk Transaction Manager Vulnerable to Denial-Of-Service

A denial-of-service vulnerability exists in Rockwell Automation FactoryTalk Transaction Manager. This vulnerability can be exploited by sending a modified packet to port 400. If exploited, the application could potentially crash or experience a high CPU or memory usage condition, causing...

7.5CVSS7AI score0.01221EPSS
Exploits0References1
Rows per page
Query Builder