Factorytalk System Services Security Vulnerabilities - 2023

CVE-2023-2637

Rockwell Automation's FactoryTalk System Services uses a hard-coded cryptographic key to generate administrator cookies. Hard-coded cryptographic key may lead to privilege escalation. This vulnerability may allow a local, authenticated non-admin user to generate an invalid administrator cookie givi...

8.2 CVSS

8 AI Score

0.0004 EPSS

2023-06-13 09:15 PM

CVE-2023-2638

Rockwell Automation's FactoryTalk System Services does not verify that a backup configuration archive is password protected. Improper authorization in FTSSBackupRestore.exe may lead to the loading of malicious configuration archives. This vulnerability may allow a local, authenticated non-admin use...

5.9 CVSS

5 AI Score

0.0004 EPSS

2023-06-13 09:15 PM

CVE-2023-2639

The underlying feedback mechanism of Rockwell Automation's FactoryTalk System Services that transfers the FactoryTalk Policy Manager rules to relevant devices on the network does not verify that the origin of the communication is from a legitimate local client device. This may allow a threat actor ...

4.7 CVSS

4.6 AI Score

0.0005 EPSS

2023-06-13 09:15 PM