Rockwell Automation Factorytalk Service Platform vulnerabilities
2 known vulnerabilities affecting rockwell_automation/factorytalk_service_platform.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH1
Vulnerabilities
Page 1 of 1
CVE-2024-21917P3CRITICALCVSS 9.1≤ v6.312024-01-31
CVE-2024-21917 [CRITICAL] CWE-347 CVE-2024-21917: A vulnerability exists in Rockwell Automation FactoryTalk® Service Platform that allows a malicious
A vulnerability exists in Rockwell Automation FactoryTalk® Service Platform that allows a malicious user to obtain the service token and use it for authentication on another FTSP directory. This is due to the lack of digital signing between the FTSP service token and directory. If exploited, a malicious user could potentially retrieve user informat
nvd
CVE-2024-21915P3HIGHCVSS 8.8v <v2.742024-02-16
CVE-2024-21915 [HIGH] CWE-732 CVE-2024-21915: A privilege escalation vulnerability exists in Rockwell Automation FactoryTalk® Service Platform (F
A privilege escalation vulnerability exists in Rockwell Automation FactoryTalk® Service Platform (FTSP). If exploited, a malicious user with basic user group privileges could potentially sign into the software and receive FTSP Administrator Group privileges. A threat actor could potentially read and modify sensitive data, delete data and render the FTS
nvd