Critical Vulnerability Found in Rockwell Automation FactoryTalk Service Platform – Take Action Now to Protect Your Industrial Systems

CVE: CVE-2024-21917
CVSS v3.1 base score: 9.8
Source: CVE-2024-21917

Rockwell Automation’s FactoryTalk Service Platform (FTSP), the shared-services layer behind Rockwell’s FactoryTalk industrial control software, has a serious vulnerability that could let an attacker authenticate to it without any credentials.

The root cause is that the service token used for authentication is not digitally signed in a way that binds it to the FactoryTalk Directory that issued it. Because nothing ties a token to one directory, an attacker who obtains a valid service token can present it to a different FactoryTalk Directory and be accepted there as an authenticated user, with no username or password required.
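The flaw described above is a token-binding problem, and it is easiest to see in code. The following is an added illustration written for this page, not Rockwell’s code: the token format, the directory names "plant-a" and "plant-b", and the per-directory HMAC keys are all assumptions made for the example. The unbound design accepts a token stolen from one directory at another; the hardened design signs the token with the issuing directory’s key and names that directory in the signed payload, so the same token replayed elsewhere is rejected.

```python
import base64
import hashlib
import hmac
import json
import secrets
from typing import Optional

# Constructed example: two directories, each with its own signing key.
# In a real deployment the key would live in protected storage, not a dict.
DIRECTORIES = {
    "plant-a": secrets.token_bytes(32),
    "plant-b": secrets.token_bytes(32),
}


def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def _unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


# --- Unbound design (the class of flaw the advisory describes) ---------------
def issue_unbound_token(user: str) -> str:
    """The token is only an encoded claim set. Nothing in it identifies the
    issuing directory and nothing is signed, so any directory that recognises
    the format will accept it."""
    return _b64(json.dumps({"user": user}).encode())


def verify_unbound_token(token: str, directory: str) -> Optional[str]:
    """The 'directory' argument is never consulted, so a token captured from
    plant-a is accepted verbatim by plant-b."""
    try:
        claims = json.loads(_unb64(token))
    except ValueError:
        return None
    return claims.get("user")


# --- Bound design (what the missing signing would provide) -------------------
def issue_bound_token(user: str, directory: str) -> str:
    """Sign the claims with the issuing directory's key, and record the
    directory inside the signed payload."""
    payload = json.dumps({"user": user, "dir": directory}, sort_keys=True).encode()
    tag = hmac.new(DIRECTORIES[directory], payload, hashlib.sha256).digest()
    return _b64(payload) + "." + _b64(tag)


def verify_bound_token(token: str, directory: str) -> Optional[str]:
    """Accept only tokens signed with this directory's key whose payload names
    this directory. A token replayed from another directory fails the HMAC
    check; a token forged with a shared key still fails the 'dir' check."""
    key = DIRECTORIES.get(directory)
    if key is None or token.count(".") != 1:
        return None
    payload_b64, tag_b64 = token.split(".")
    try:
        payload = _unb64(payload_b64)
        tag = _unb64(tag_b64)
        claims = json.loads(payload)
    except ValueError:
        return None
    expected = hmac.new(key, payload, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None  # wrong directory's key, or tampered payload/tag
    if claims.get("dir") != directory:
        return None  # signed, but bound to a different directory
    return claims.get("user")


def demo() -> dict:
    """Replay an operator token from plant-a against plant-b under both designs."""
    stolen_unbound = issue_unbound_token("operator")
    stolen_bound = issue_bound_token("operator", "plant-a")
    return {
        "unbound_replayed_to_plant_b": verify_unbound_token(stolen_unbound, "plant-b"),
        "bound_accepted_on_plant_a": verify_bound_token(stolen_bound, "plant-a"),
        "bound_replayed_to_plant_b": verify_bound_token(stolen_bound, "plant-b"),
    }


if __name__ == "__main__":
    print(demo())
```

Binding the token to its issuer closes the cross-directory replay, but it does not make a stolen token harmless: it can still be replayed against the directory that issued it until it expires, so short lifetimes, transport protection and revocation remain necessary alongside the signature.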

Once authenticated in this way, the attacker can retrieve user information held by the directory (the report cites usernames and passwords) and modify settings, all without ever having supplied credentials.

Because FactoryTalk is used to manage industrial control systems in environments such as manufacturing plants and oil and gas infrastructure, this is a significant risk. An attacker who reaches the control layer through this flaw could disrupt operations or, in the worst case, cause physical damage.

Rockwell Automation has assigned the vulnerability a CVSS v3.1 base score of 9.8 out of 10, reflecting its very high severity. FactoryTalk users should apply the fixed version named in Rockwell Automation’s advisory as soon as possible. Because the attack relies on a stolen token rather than a guessed password, rotating credentials for exposed accounts is only part of the response: restrict which hosts can reach the FactoryTalk Directory, and review FactoryTalk audit logs for authentications from unexpected hosts and for configuration changes nobody can account for.

Taking action now to apply patches and tighten security is the best way for FactoryTalk users to protect their industrial systems and operations from this critical vulnerability.
