FactoryTalk View Machine Edition Vulnerable to Remote Code Execution
CVE-2023-2071
9.8CRITICAL
Key Information:
- Vendor
- Rockwell Automation
- Status
- Vendor
- CVE Published:
- 12 September 2023
Badges
📰 News Worthy
Summary
The FactoryTalk View Machine Edition on Rockwell Automation's PanelView Plus is vulnerable due to improper input verification. An unauthenticated attacker can exploit this flaw by sending specially crafted packets that allow remote code execution. The device can execute specific functions from two dynamic link library files through a CIP class. By leveraging this functionality, an attacker can upload a custom library, bypass security checks, and execute arbitrary code, potentially compromising the device's integrity and control.
Affected Version(s)
Fa <=13.0
Get notified when SecurityVulnerability.io launches alerting 🔔
Well keep you posted 📧
News Articles
SecurityLab.ruReferences
CVSS V3.1
Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
- 📰
First article discovered by SecurityLab.ru
Vulnerability published
Vulnerability Reserved
Credit
Rockwell Automation would like to thank Yuval Gordon, CPS Research, and the Microsoft Threat Intelligence Community for reporting this vulnerability to us.