Loading

PN1645 | FactoryTalk View Machine Edition Vulnerable to Remote Code Execution

Severity:
Critical
Advisory ID:
PN1645
Date de publication:
October 05, 2023
Date de la dernière mise à jour:
October 05, 2023
Revision Number:
1.0
Known Exploited Vulnerability (KEV):
Non
Corrected:
Non
Workaround:
Non
CVE IDs
CVE-2023-2071
Résumé
FactoryTalk View Machine Edition Vulnerable to Remote Code Execution

Revision History

Revision Number

1.0

Revision History

Version 1.0 – September 12, 2023

Affected Products

Affected Product First Known in Revision Corrected in Revision
FactoryTalk View Machine Edition v12.0 v12.0 & v13.0 patch

Vulnerability Details

Rockwell Automation used the latest version of the CVSS scoring system to assess the following vulnerabilities. Rockwell Automation would like to thank Yuval Gordon, CPS Research, and the Microsoft Threat Intelligence Community for reporting this vulnerability to us.

CVE-2023-2071 IMPACT

FactoryTalk View Machine Edition on the PanelView Plus, improperly verifies user’s input, which allows unauthenticated attacker to achieve remote code executed via crafted malicious packets.  The device has the functionality, through a CIP class, to execute exported functions from libraries.  There is a routine that restricts it to execute specific functions from two dynamic link library files.  By using a CIP class, an attacker can upload a self-made library to the device which allows the attacker to bypass the security check and execute any code written in the function.

CVSS Base Score: 9.8/10 (high)
CVSS Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE: 20 – Improper Input Validation

Risk Mitigation & User Action

Customers using the affected versions are encouraged to upgrade to corrected firmware revisions. We also strongly encourage customers to implement our suggested security best practices to minimize the risk of the vulnerability.

  • Install the security patches for the respective versions referencing BF29493 - Patch: FactoryTalk Linx CIP Vulnerability issue, FactoryTalk View ME 12.0, 13.0.
  • QA43240 - Recommended Security Guidelines from Rockwell Automation

Additional Resources

  • JSON CVE-2023-2071
  • CISA ICS-SA CSAF
Rockwell Automation Home
Copyright ©2022 Rockwell Automation, Inc.
  1. Chevron LeftChevron Left Rõôckwéêll Æýýtõômåätíîõôn Hõôméê Chevron RightChevron Right
  2. Chevron LeftChevron Left Trust Center Chevron RightChevron Right
  3. Chevron LeftChevron Left Industrial Security Adv Chevron RightChevron Right
  4. Chevron LeftChevron Left Industrial Security Advisory Detail Chevron RightChevron Right
Veuillez mettre à jour vos préférences en matière de cookies pour continuer.
Cette fonctionnalité nécessite des cookies pour améliorer votre expérience. Veuillez mettre à jour vos préférences pour autoriser ces cookies:
  • Cookies de réseaux sociaux
  • Cookies fonctionnels
  • Cookies de performances
  • Cookies marketing
  • Tous les cookies
Vous pouvez mettre à jour vos préférences à tout moment. Pour plus d'informations, veuillez consulter notre politique de confidentialité
CloseClose