CVE-2024-21914
Published 2024-03-25
Priority: P428 · medium · 5.3 · CVSS 3.1
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
EPSS: 0.66% (46.8th percentile)
A vulnerability exists in the affected product that allows a malicious user to restart the Rockwell Automation PanelView™ Plus 7 terminal remotely without security protections. If the vulnerability is exploited, it could lead to the loss of view or control of the PanelView™ product.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| rockwell_automation | factorytalk_view_me | — | — |
| rockwellautomation | factorytalk_view | < 14.0 | 14.0 |
GHSA
GHSA-925f-cxg2-4483
ghsa_unreviewed·2024-03-26
CVE-2024-21914 [MEDIUM] CWE-400 GHSA-925f-cxg2-4483
A vulnerability exists in the affected product that allows a malicious user to restart the Rockwell Automation PanelView™ Plus 7 terminal remotely without security protections. If the vulnerability is exploited, it could lead to the loss of view or control of the PanelView™ product.
CISA ICS
Rockwell Automation FactoryTalk View ME
cisa_ics·2024-03-26·CVSS 5.3
[MEDIUM] Rockwell Automation FactoryTalk View ME
ICS Advisory
## Rockwell Automation FactoryTalk View ME
Release Date: March 26, 2024
Alert Code: ICSA-24-086-04
## 1. EXECUTIVE SUMMARY
- CVSS v4 6.9
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Rockwell Automation
- Equipment: FactoryTalk View ME
- Vulnerability: Cross-site Scripting
## 2. RISK EVALUATION
Successful exploitation of this vulnerability could lead to the loss of view or control of the PanelView product.
## 3. TECHNICAL DETAILS
## 3.1 AFFECTED PRODUCTS
The following versions of FactoryTalk View ME, an HMI software application, are affected:
- FactoryTalk View ME: prior to v14
## 3.2 Vulnerability Overview
## 3.2.1 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-79
A vulne
No detection rules found.
No public exploits indexed.
Dragos
Year in Review
blogs_dragos·2025-08-20
Tenable
Rockwell Automation: Disconnect OT Devices with Public-Facing Internet Access, Patch or Mitigate Logix, FactoryTalk CVEs
blogs_tenable·2024-06-05
Bleepingcomputer
Rockwell Automation warns admins to take ICS devices offline
blogs_bleepingcomputer·2024-05-21·CVSS 9.8
[CRITICAL] Rockwell Automation warns admins to take ICS devices offline
## Rockwell Automation warns admins to take ICS devices offline
By Sergiu Gatlan
Rockwell Automation warned customers to disconnect all industrial control systems (ICSs) not designed for online exposure from the Internet due to increasing malicious activity worldwide.
Network defenders should never configure such devices to allow remote connections from systems outside the local network. By taking them offline, they can drastically reduce their organizations' attack surface.
This ensures that threat actors no longer have direct access to systems that may not yet be patched against security vulnerabilities, access that would otherwise allow attackers to reach their targets' internal networks.
"Due to heightened geopolitical tensions and adversarial cyber activity globally, Rockwell Automation is