Loading

FactoryTalk® Activation Contains Wibu CodeMeter Vulnerabilities

Severity:
High,
Critical
Advisory ID:
SD1657
Data pubblicazione:
November 15, 2023
Ultimo aggiornamento:
November 19, 2024
Revision Number:
1.0
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
CVE IDs
CVE-2023-38545,
CVE-2023-3935
Download
The following link(s) provide the security advisory in Vulnerability Exploitability Exchange format:
JSON
JSON
Riepilogo
FactoryTalk® Activation Contains Wibu CodeMeter Vulnerabilities

Published Date: November 14, 2023

Last updated: November 14, 2023

Revision Number: 1.0

CVSS Score: 7.8

AFFECTED PRODUCTS AND SOLUTION

Affected Product (automated)

First Known in Software Version

Corrected in Software Version

FactoryTalk Activation Manager

V4.00 (Utilizes Wibu-Systems CodeMeter <7.60c)

5.01

VULNERABILITY DETAILS

Rockwell Automation used version 3.1 of the CVSS scoring system to assess the following vulnerabilities.

CVE-2023-38545 IMPACT

Rockwell Automation FactoryTalk Activation Manager and Studio 5000 Logix Designer uses the affected Wibu-Systems’ products which internally use the libcurl in a version that is vulnerable to a buffer overflow attack if curl is configured to redirect traffic through a SOCKS5 proxy. A malicious proxy can exploit a bug in the implemented handshake to cause a buffer overflow. If no SOCKS5 proxy has been configured, there is no attack surface.

CVSS Base Score: 7.9

CVSS Vector: CVSS:3.1/ AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-787 Out-of-bounds Write

Known Exploited Vulnerability (KEV) database: No

CVE-2023-3935 IMPACT

Rockwell Automation FactoryTalk Activation Manager and Studio 5000 Logix Designer uses the affected Wibu-Systems’ products which contain a heap buffer overflow vulnerability in Wibu CodeMeter Runtime network service up to version 7.60b that allows an unauthenticated, remote attacker to achieve RCE and gain full access of the host system.

CVSS Base Score: 9.8

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-787 Out-of-bounds Write

Known Exploited Vulnerability (KEV) database: No

Customers can use Stakeholder-Specific Vulnerability Categorization to generate more environment-specific prioritization.

Mitigations and Workarounds

Customers using the affected software are encouraged to apply the risk mitigations, if possible.

  • Upgrade to FactoryTalk Activation Manager 5.01 which has been patched to mitigate these issues (Available versions here, search "activation")
  • For information on how to mitigate Security Risks on industrial automation control systems Additionally, we encourage the customer to implement our suggested security best practices to minimize risk of the vulnerability.

ADDITIONAL RESOURCES

  • CVE-2023-38545 JSON
  • CVE-2023-3935 JSON
  • Wibu Systems Product Security Advisory WIBU-230704-01 (CVE-2023-3935)
  • Wibu Systems Product Security Advisory WIBU-231017-01  (CVE-2023-38545)
Rockwell Automation Home
Copyright ©2022 Rockwell Automation, Inc.
  1. Chevron LeftChevron Left Home Rockwell Automation
  2. Chevron LeftChevron Left Trust Center
  3. Chevron LeftChevron Left Industrial Security Adv
  4. Chevron LeftChevron Left Industrial Security Advisory Detail
Aggiorna le tue preferenze sui cookie per continuare.
Questa funzionalità richiede i cookie per migliorare la tua esperienza. Ti preghiamo di aggiornare le tue preferenze per consentire questi cookie:
  • Cookie dei social media
  • Cookie funzionali
  • Cookie di prestazione
  • Cookie di marketing
  • Tutti i cookie
Puoi aggiornare le tue preferenze in qualsiasi momento. Per ulteriori informazioni consultare il nostro {0} politica sulla riservatezza
CloseClose