CVE-2021-32960
Published 2022-04-01
Priority: P3 (57) · CVSS 3.1 base score 8.8 (High)
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS: 2.34% (81.5th percentile)
Rockwell Automation FactoryTalk Services Platform v6.11 and earlier, if FactoryTalk Security is enabled and deployed, contains a vulnerability that may allow a remote, authenticated attacker to bypass FactoryTalk Security policies that are based on the computer name. If successfully exploited, this may give the attacker the same privileges as if they were logged on to the client machine.
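The weakness class here (CWE-693, a protection mechanism that can be sidestepped) is an authorization decision keyed on an attribute the client can assert rather than on an identity the server has verified. The following is an added illustration, not FactoryTalk code and not a description of how this CVE is triggered: it models a toy policy that grants rights per (user, computer) pair, with a vulnerable evaluator that reads the computer name from the request and a hardened one that only uses the machine identity bound to the authenticated session. The policy entries, session and request types, and hostnames are all constructed for the example.

```python
"""Illustrative computer-name-based policy and why it is not an authorization boundary.

Added example (hypothetical code, not Rockwell's). Assumes a policy keyed on
(user, computer); the vulnerable evaluator trusts a computer name carried in the
request, the hardened evaluator uses only the computer identity established when
the session was authenticated.
"""
from dataclasses import dataclass

# Constructed policy: "operator" may WRITE only from workstation HMI-01,
# and may READ from any computer ("*").
POLICY = {
    ("operator", "HMI-01"): {"READ", "WRITE"},
    ("operator", "*"): {"READ"},
}


@dataclass(frozen=True)
class Session:
    user: str
    bound_computer: str  # machine identity verified at session establishment


@dataclass(frozen=True)
class Request:
    action: str
    claimed_computer: str  # hostname the client asserts in the request body


def allowed(user: str, computer: str, action: str) -> bool:
    """Union of the computer-specific and wildcard grants for this user."""
    perms = POLICY.get((user, computer), set()) | POLICY.get((user, "*"), set())
    return action in perms


def authorize_vulnerable(session: Session, req: Request) -> bool:
    # Trusts the client's own statement of where it is running.
    return allowed(session.user, req.claimed_computer, req.action)


def authorize_hardened(session: Session, req: Request) -> bool:
    # The claimed name is never used for the decision. A mismatch with the
    # session-bound identity is rejected outright so spoofing attempts are visible.
    if req.claimed_computer != session.bound_computer:
        return False
    return allowed(session.user, session.bound_computer, req.action)


def demo() -> dict:
    """Authenticated 'operator' connecting remotely from a machine not in the policy."""
    sess = Session(user="operator", bound_computer="ATTACKER-PC")
    spoofed = Request(action="WRITE", claimed_computer="HMI-01")
    honest = Request(action="WRITE", claimed_computer="ATTACKER-PC")
    return {
        # Vulnerable evaluator: claiming HMI-01 grants WRITE from anywhere.
        "vulnerable_spoofed": authorize_vulnerable(sess, spoofed),
        # Hardened evaluator: spoofed name is rejected.
        "hardened_spoofed": authorize_hardened(sess, spoofed),
        # Hardened evaluator: honest request, but only READ is granted off-HMI.
        "hardened_honest": authorize_hardened(sess, honest),
        # Hardened evaluator: a session actually bound to HMI-01 may WRITE.
        "hardened_from_hmi": authorize_hardened(
            Session("operator", "HMI-01"), Request("WRITE", "HMI-01")
        ),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```

The practical check is the same whatever the product: if a policy names a computer, find out where the evaluator gets that name from. If it comes from the request rather than from something the server proved (a machine account, a mutually authenticated transport, a device certificate), any authenticated user can satisfy the policy from any host.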
Affected (2 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| rockwell_automation | factorytalk_services_platform | >= unspecified < 6.11 | 6.11 |
| rockwellautomation | factorytalk_services_platform | <= 6.11.00 | — |

The two ranges disagree on whether 6.11 itself is affected. The vendor description and the CISA advisory both say v6.11 and earlier, so treat 6.11.00 as affected and the "Fixed in 6.11" entry as unreliable; this page does not state a fixed version.
CVSS provenance
- NVD v3.1: 8.8 HIGH (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
- NVD v2.0: 6.0 MEDIUM (AV:N/AC:M/Au:S/C:P/I:P/A:P)
CISA ICS
Rockwell Automation FactoryTalk Services Platform (cisa_ics · 2021-06-10 · CVSS 8.5 · HIGH)
## ICS Advisory ICSA-21-161-01
Last revised: June 10, 2021
## 1. EXECUTIVE SUMMARY
- CVSS v3 8.5 (NVD's v3.1 score for this CVE is 8.8; both rate it High)
- ATTENTION: Exploitable remotely
- Vendor: Rockwell Automation
- Equipment: FactoryTalk Services Platform
- Vulnerability: Protection Mechanism Failure
## 2. RISK EVALUATION
Successful exploitation of this vulnerability may allow remote, authenticated users to bypass FactoryTalk Security policies that are based on a computer name.
## 3. TECHNICAL DETAILS
## 3.1 AFFECTED PRODUCTS
Rockwell Automation reports this vulnerability affects
GHSA
GHSA-59hr-796q-5p86: Rockwell Automation FactoryTalk Services Platform v6
ghsa_unreviewed · 2022-04-03 · CVE-2021-32960 · HIGH · CWE-693 (Protection Mechanism Failure)
Rockwell Automation FactoryTalk Services Platform v6.11 and earlier, if FactoryTalk Security is enabled and deployed, contains a vulnerability that may allow a remote, authenticated attacker to bypass FactoryTalk Security policies that are based on the computer name. If successfully exploited, this may give the attacker the same privileges as if they were logged on to the client machine.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
Published: 2022-04-01