Rockwell Automation Factorytalk Services Platform vulnerabilities
3 known vulnerabilities affecting rockwell_automation/factorytalk_services_platform.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH3
Vulnerabilities
Page 1 of 1
CVE-2021-32960P3HIGHCVSS 8.8≥ unspecified, < 6.112022-04-01
CVE-2021-32960 [HIGH] CWE-863 CVE-2021-32960: Rockwell Automation FactoryTalk Services Platform v6.11 and earlier, if FactoryTalk Security is enab
Rockwell Automation FactoryTalk Services Platform v6.11 and earlier, if FactoryTalk Security is enabled and deployed contains a vulnerability that may allow a remote, authenticated attacker to bypass FactoryTalk Security policies based on the computer name. If successfully exploited, this may allow an attacker to have the same privileges as if they we
nvd
CVE-2023-46290P3HIGHCVSS 8.1vversions before 2.802023-10-27
CVE-2023-46290 [HIGH] CWE-287 CVE-2023-46290: Due to inadequate code logic, a previously unauthenticated threat actor could potentially obtain a
Due to inadequate code logic, a previously unauthenticated threat actor could potentially obtain a local Windows OS user token through the FactoryTalk® Services Platform web service and then use the token to log in into FactoryTalk® Services Platform . This vulnerability can only be exploited if the authorized user did not previously log in into the Fac
nvd
CVE-2020-14478P4HIGHCVSS 7.1≥ unspecified, ≤ 6.11.002022-02-24
CVE-2020-14478 [HIGH] CWE-611 CVE-2020-14478: A local, authenticated attacker could use an XML External Entity (XXE) attack to exploit weakly conf
A local, authenticated attacker could use an XML External Entity (XXE) attack to exploit weakly configured XML files to access local or remote content. A successful exploit could potentially cause a denial-of-service condition and allow the attacker to arbitrarily read any local file via system-level services.
nvd