
PN657 | Opening a corrupted FactoryTalk Diagnostics Viewer Configuration file (*.ftd) could cause arbitrary code execution

Severity:
High
Advisory ID:
PN657
Published:
June 24, 2011
Last Updated:
June 24, 2011
Revision Number:
1.0
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
Summary
Opening a corrupted FactoryTalk Diagnostics Viewer Configuration file (*.ftd) could cause arbitrary code execution

Introduction

Description

June 24, 2011 - Version 1.0

A vulnerability has been discovered in some specific versions of the FactoryTalk Diagnostics Viewer that could allow the execution of arbitrary code by opening a corrupted FactoryTalk Diagnostics Viewer Configuration file (*.ftd). This vulnerability would require some form of social engineering to convince a user of the FactoryTalk Diagnostics Viewer to open the corrupted (*.ftd) file.

The vulnerability has been confirmed to affect only the versions of the FactoryTalk Diagnostics Viewer v2.10.x (CPR9 SR2) and earlier.

Details of this vulnerability are as follows:

This issue is caused by a vulnerability in Microsoft’s ATL library code (MS09-035). Vendors were required to rebuild with the updated development tools and re-release their products in order to resolve this issue. This potential vulnerability has been confirmed to affect only the versions of the FactoryTalk Diagnostics Viewer v2.10.x (CPR9 SR2) and earlier. The FactoryTalk Diagnostics Viewer v2.30.00 (CPR9 SR3) and later utilize an updated version of the Microsoft library code and do not exhibit this issue.

This vulnerability is not remotely exploitable. There are currently no known active exploits of this potential vulnerability.

To help reduce the likelihood of compromise and the associated security risk, Rockwell Automation recommends the following mitigation strategy:

Concerned customers should upgrade to FactoryTalk Diagnostics Viewer (CPR9 SR3) or greater. The FactoryTalk Diagnostics Viewer v2.30 is not available as a standalone installation package. It is included and installed as a part of the FactoryTalk Services Platform v2.30 (CPR9 SR3). Please reference AID 42682 - "Rockwell Automation Software Product Compatibility Matrix" to make sure you understand any dependencies and/or compatibility issues that may exist with installation of this version of the Services Platform.

For more information and for assistance with assessing the security state of your existing control system, including improving your system-level security when using Rockwell Automation and other vendor control products, you can visit the Rockwell Automation Security Solutions web site at http://www.rockwellautomation.com/solutions/security.

Attachments

KCS Status

Released

Copyright ©2022 Rockwell Automation, Inc.