Rockwell Automation FactoryTalk System Services Vulnerable To Use Of Hard-Coded Cryptographic Key
CVE-2023-2637
Key Information:
- Vendor: Rockwell Automation
- CVE Published: 13 June 2023
Summary
Rockwell Automation's FactoryTalk System Services uses a hard-coded cryptographic key to generate administrator cookies. Because the key is fixed rather than unique to each installation, a local, authenticated non-admin user could create an invalid administrator cookie and gain elevated privileges to the FactoryTalk Policy Manager database. With that access, a malicious actor could make unauthorized changes to the database, which could affect the deployment of security policy models by legitimate FactoryTalk Policy Manager users. Successful exploitation requires user interaction.
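The weakness class the summary describes, shown as an added illustration that is not Rockwell's code and does not reflect FactoryTalk's actual cookie format: an HMAC-signed role cookie whose key is a constant compiled into the code, beside a service whose key is generated once per installation and kept outside the code. The cookie layout, key values and function names are assumptions made for the example.

```python
import hashlib
import hmac
import secrets
from typing import Optional, Tuple

# Hypothetical cookie layout for illustration only: "<user>:<role>:<hmac-sha256 hex>".
# The advisory does not describe the product's real cookie format.

# The weak pattern: one key baked into every shipped copy of the software.
# Anyone who can read the installed binary (here, any local user) knows it.
HARDCODED_KEY = b"constructed-example-key-shared-by-every-install"


def issue_cookie(key: bytes, user: str, role: str) -> str:
    """Mint a role cookie bound to `key` (the signing primitive is fine; the key handling is not)."""
    payload = f"{user}:{role}".encode()
    tag = hmac.new(key, payload, hashlib.sha256).hexdigest()
    return f"{user}:{role}:{tag}"


def verify_cookie(key: bytes, cookie: str) -> Optional[Tuple[str, str]]:
    """Return (user, role) if the cookie's tag matches under `key`, else None."""
    try:
        user, role, tag = cookie.rsplit(":", 2)
    except ValueError:
        return None  # malformed cookie
    expected = hmac.new(key, f"{user}:{role}".encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, tag):  # constant-time comparison
        return None
    return user, role


def vulnerable_service_accepts(cookie: str) -> Optional[Tuple[str, str]]:
    """Every deployment verifies against the same constant, so a cookie minted
    with the published key is indistinguishable from one the service issued."""
    return verify_cookie(HARDCODED_KEY, cookie)


class HardenedService:
    """Mitigation: a per-installation secret generated at install/first start and
    stored in a protected location (vault, OS keystore), never in source or binary."""

    def __init__(self, key: Optional[bytes] = None):
        self.key = key if key is not None else secrets.token_bytes(32)

    def issue(self, user: str, role: str) -> str:
        return issue_cookie(self.key, user, role)

    def accepts(self, cookie: str) -> Optional[Tuple[str, str]]:
        return verify_cookie(self.key, cookie)
```

The hardened service still signs cookies the same way; the only change that matters is that the key is unique to the installation and unavailable to non-admin users, so a cookie produced from a key recovered from the software no longer verifies. Rotating such a key on compromise, and auditing code for literal key material, are the corresponding detection and response steps.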
Affected Version(s)
FactoryTalk System Services <= 6.20