CVE-2023-2638

Name of the Vulnerable Software and Affected Versions FactoryTalk System Services (affected versions not specified)

Description The issue is related to improper authorization in the FTSSBackupRestore.exe executable, which may allow a local, authenticated non-admin user to load malicious configuration archives as valid backups during a restore procedure. This can be achieved by crafting a malicious backup archive without password protection. User interaction is required for successful exploitation.

Recommendations For FactoryTalk System Services, consider restricting access to the FTSSBackupRestore.exe executable until a patch is available. As a temporary workaround, ensure that all backup configuration archives are properly password protected to minimize the risk of exploitation. Avoid using the restore procedure with unverified backup archives until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.