PT-2017-13206 · Rockwell Automation · Factorytalk Alarms/Events

Published: 2017-12-23 · Updated: 2019-10-09 · CVE-2017-14022

CVSS v3.1: 7.5 (High)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions: Rockwell Automation FactoryTalk Alarms and Events versions 2.90 and earlier

Description: An issue with improper input validation was found, allowing an unauthenticated attacker with remote network access to send specially crafted packets to Port 403/TCP, which is used by the history archiver service. This can cause the service to either stall or terminate.

Recommendations: For versions 2.90 and earlier, consider restricting access to Port 403/TCP to prevent exploitation until a fix is available. As a temporary workaround, limiting network access to the history archiver service may help minimize the risk of service disruption.

Fix

RCE

Weakness Enumeration

Related Identifiers

CVE-2017-14022

Affected Products

Factorytalk Alarms/Events