CVE-2020-12033

In Rockwell Automation FactoryTalk Services Platform, all versions, the redundancy host service RdcyHost.exe does not validate supplied identifiers, which could allow an unauthenticated, adjacent attacker to execute remote COM objects with elevated privileges...

EUVD-2020-4349

Malware in sbrugna...

EUVD-2018-10685

Malware in sbrugna...

EUVD-2021-19681

Malware in sbrugna...

EUVD-2020-6652

Malware in sbrugna...

EUVD-2023-50514

Malicious code in bioql PyPI...

The vulnerability of the Redundancy Host Service (RdcyHost.exe) of the FactoryTalk Services Platform allows a attacker to increase their privileges and execute arbitrary code.

The vulnerability of the Redundancy Host Service RdcyHost.exe component of the FactoryTalk Services Platform is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to increase their privileges and execute arbitrary code...

The vulnerability of the FactoryTalk Services Platform, related to buffer overflows in dynamic memory, can lead to service failures.

The vulnerability of the FactoryTalk Services Platform lies in the overflow of memory buffer in dynamic memory. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

CVE-2021-32960

Rockwell Automation FactoryTalk Services Platform v6.11 and earlier, if FactoryTalk Security is enabled and deployed contains a vulnerability that may allow a remote, authenticated attacker to bypass FactoryTalk Security policies based on the computer name. If successfully exploited, this may all...

CVE-2020-14516

In Rockwell Automation FactoryTalk Services Platform Versions 6.10.00 and 6.11.00, there is an issue with the implementation of the SHA-256 hashing algorithm with FactoryTalk Services Platform that prevents the user password from being hashed properly...

Rockwell FactoryTalk Services Platform < 6.40 Authentication Bypass

The version of Rockwell FactoryTalk Services Platform installed on the remote Windows host is prior to 6.40. It is, therefore, affected by a vulnerability. - A vulnerability exists in Rockwell Automation FactoryTalk® Service Platform that allows a malicious user to obtain the service token and u...

Rockwell FactoryTalk Services Platform < 6.20 Deserialization

The version of Rockwell FactoryTalk Services Platform installed on the remote Windows host is prior to 6.20. It is, therefore, affected by a vulnerability. - Factory Talk Diagnostics exposes a .NET Remoting endpoint via RNADiagnosticsSrv.exe at TCP/8082, which can insecurely deserialize untrusted...

Rockwell Automation FactoryTalk Services Platform Authorization Issue Vulnerability

Rockwell Automation FactoryTalk Services Platform is a suite of services platforms from Rockwell Automation that provides routine services for applications such as diagnostic information, health monitoring and real-time data access. A security vulnerability exists in Rockwell Automation FactoryTa...

CVE-2023-46290

Due to inadequate code logic, a previously unauthenticated threat actor could potentially obtain a local Windows OS user token through the FactoryTalk® Services Platform web service and then use the token to log in into FactoryTalk® Services Platform . This vulnerability can only be exploited if...

CVE-2023-46290

Due to inadequate code logic, a previously unauthenticated threat actor could potentially obtain a local Windows OS user token through the FactoryTalk® Services Platform web service and then use the token to log in into FactoryTalk® Services Platform . This vulnerability can only be exploited if...

Code injection

Due to inadequate code logic, a previously unauthenticated threat actor could potentially obtain a local Windows OS user token through the FactoryTalk® Services Platform web service and then use the token to log in into FactoryTalk® Services Platform . This vulnerability can only be exploited if...

CVE-2023-46290 Rockwell Automation FactoryTalk Services Platform Elevated Privileges Vulnerability

Due to inadequate code logic, a previously unauthenticated threat actor could potentially obtain a local Windows OS user token through the FactoryTalk® Services Platform web service and then use the token to log in into FactoryTalk® Services Platform . This vulnerability can only be exploited if...

CVE-2023-46290 Rockwell Automation FactoryTalk Services Platform Elevated Privileges Vulnerability

Due to inadequate code logic, a previously unauthenticated threat actor could potentially obtain a local Windows OS user token through the FactoryTalk® Services Platform web service and then use the token to log in into FactoryTalk® Services Platform . This vulnerability can only be exploited if...

Rockwell Automation FactoryTalk Services Platform 授权问题漏洞

Rockwell Automation FactoryTalk Services Platform is a suite of services platforms from Rockwell Automation that provides routine services for applications such as diagnostic information, health monitoring and real-time data access. A security vulnerability exists in Rockwell Automation FactoryTa...

Rockwell Automation FactoryTalk Services Platform

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION : Exploitable remotely Vendor : Rockwell Automation Equipment : FactoryTalk Services Platform Vulnerability : Improper Authentication 2. RISK EVALUATION Successful exploitation of this vulnerability could use a token to log into the system. 3...