PT-2023-3725 · Rockwell Automation · Factorytalk Transaction Manager

Published

2023-06-13

Updated

2023-06-26

CVE-2023-2778

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Rockwell Automation FactoryTalk Transaction Manager (affected versions not specified)

Description A denial-of-service issue exists in the software, which can be exploited by sending a modified packet to port 400. This could cause the application to crash or experience high CPU or memory usage, leading to intermittent functionality issues. The application needs to be restarted to recover from the denial-of-service condition.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Resource Exhaustion

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-400

Related Identifiers

BDU:2023-04013

CVE-2023-2778

Affected Products

Factorytalk Transaction Manager

PT-2023-3725 · Rockwell Automation · Factorytalk Transaction Manager

CVE-2023-2778

Weakness Enumeration

Related Identifiers

Affected Products

References · 5