Описание
Rockwell Automation FactoryTalk Services Platform v6.11 and earlier, if FactoryTalk Security is enabled and deployed contains a vulnerability that may allow a remote, authenticated attacker to bypass FactoryTalk Security policies based on the computer name. If successfully exploited, this may allow an attacker to have the same privileges as if they were logged on to the client machine.
Ссылки
- Permissions RequiredVendor Advisory
- MitigationThird Party AdvisoryUS Government Resource
- Permissions RequiredVendor Advisory
- MitigationThird Party AdvisoryUS Government Resource
Уязвимые конфигурации
EPSS
8.5 High
CVSS3
8.8 High
CVSS3
6 Medium
CVSS2
Дефекты
Связанные уязвимости
Rockwell Automation FactoryTalk Services Platform v6.11 and earlier, if FactoryTalk Security is enabled and deployed contains a vulnerability that may allow a remote, authenticated attacker to bypass FactoryTalk Security policies based on the computer name. If successfully exploited, this may allow an attacker to have the same privileges as if they were logged on to the client machine.
Уязвимость службы FactoryTalk Security платформы управления производственными процессами FactoryTalk Services Platform, позволяющая нарушителю обойти ограничения безопасности и повысить свои привилегии
EPSS
8.5 High
CVSS3
8.8 High
CVSS3
6 Medium
CVSS2