Filtered by vendor Rockwellautomation Subscriptions
Filtered by product Factorytalk System Services Subscriptions
Total 4 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-6326 1 Rockwellautomation 2 Factorytalk Policy Manager, Factorytalk System Services 2024-09-23 5.5 Medium
An exposure of sensitive information vulnerability exists in the Rockwell Automation FactoryTalk® System Service. A malicious user could exploit this vulnerability by starting a back-up or restore process, which temporarily exposes private keys, passwords, pre-shared keys, and database folders when they are temporarily copied to an interim folder. This vulnerability is due to the lack of explicit permissions set on the backup folder. If private keys are obtained by a malicious user, they could impersonate resources on the secured network.
CVE-2023-2637 1 Rockwellautomation 2 Factorytalk Policy Manager, Factorytalk System Services 2024-08-02 7.3 High
Rockwell Automation's FactoryTalk System Services uses a hard-coded cryptographic key to generate administrator cookies.  Hard-coded cryptographic key may lead to privilege escalation.  This vulnerability may allow a local, authenticated non-admin user to generate an invalid administrator cookie giving them administrative privileges to the FactoryTalk Policy Manger database. This may allow the threat actor to make malicious changes to the database that will be deployed when a legitimate FactoryTalk Policy Manager user deploys a security policy model. User interaction is required for this vulnerability to be successfully exploited.
CVE-2023-2639 1 Rockwellautomation 2 Factorytalk Policy Manager, Factorytalk System Services 2024-08-02 4.1 Medium
The underlying feedback mechanism of Rockwell Automation's FactoryTalk System Services that transfers the FactoryTalk Policy Manager rules to relevant devices on the network does not verify that the origin of the communication is from a legitimate local client device.  This may allow a threat actor to craft a malicious website that, when visited, will send a malicious script that can connect to the local WebSocket endpoint and wait for events as if it was a valid client device. If successfully exploited, this would allow a threat actor to receive information including whether FactoryTalk Policy Manager is installed and potentially the entire security policy. 
CVE-2023-2638 1 Rockwellautomation 2 Factorytalk Policy Manager, Factorytalk System Services 2024-08-02 5.9 Medium
Rockwell Automation's FactoryTalk System Services does not verify that a backup configuration archive is password protected.   Improper authorization in FTSSBackupRestore.exe may lead to the loading of malicious configuration archives.  This vulnerability may allow a local, authenticated non-admin user to craft a malicious backup archive, without password protection, that will be loaded by FactoryTalk System Services as a valid backup when a restore procedure takes places. User interaction is required for this vulnerability to be successfully exploited.