Rockwell Automation FactoryTalk reports critical vulnerability
Take action: If you are using Rockwell Automation tools, make sure it's not accessible from the internet. Updating may be a tedious task, but do try to persuade management to permit the patching since it's another flaw that can be chained in a more advanced attacks.
Learn More
Rockwell Automationr reports critical vulnerability in FactoryTalk Activation Manager and Studio 5000 Logix Designer are susceptible due to using Wibu-Systems' products with a libcurl version vulnerable to buffer overflow via a SOCKS5 proxy.
FactoryTalk Activation Manager is a software tool developed by Rockwell Automation. It's primarily used for managing the activation of software products from Rockwell Automation, a leading company in industrial automation and digital transformation.
The critical issue is tracked as CVE-2023-38545 (CVSS score 9.8). The vulnerability is succeptible to remote exploitation with low complexity and is an Out-of-Bounds Write. Successful attacks exploiting these weaknesses could lead to a buffer overflow, enabling attackers to gain complete control of the system.
Impacted versions: Factory Talk V4.00 (using Wibu-Systems CodeMeter <7.60c)
Another vulnerability involves a heap buffer overflow in Wibu CodeMeter Runtime network service up to version 7.60b, potentially allowing remote attackers to execute code remotely (CVE-2023-3935, CVSS score 7.5).
Rockwell Automation recommends an update to FactoryTalk Activation Manager 5.01 to address these issues.
