Vulnerability Description
The underlying feedback mechanism of Rockwell Automation's FactoryTalk System Services that transfers the FactoryTalk Policy Manager rules to relevant devices on the network does not verify that the origin of the communication is from a legitimate local client device. This may allow a threat actor to craft a malicious website that, when visited, will send a malicious script that can connect to the local WebSocket endpoint and wait for events as if it was a valid client device. If successfully exploited, this would allow a threat actor to receive information including whether FactoryTalk Policy Manager is installed and potentially the entire security policy.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Rockwellautomation | Factorytalk Policy Manager | 6.11.0 |
| Rockwellautomation | Factorytalk System Services | 6.11.0 |
Related Weaknesses (CWE)
References
- https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1139683Permissions RequiredVendor Advisory
- https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1139683Permissions RequiredVendor Advisory
FAQ
What is CVE-2023-2639?
CVE-2023-2639 is a vulnerability with a CVSS score of 4.1 (MEDIUM). The underlying feedback mechanism of Rockwell Automation's FactoryTalk System Services that transfers the FactoryTalk Policy Manager rules to relevant devices on the network does not verify that the...
How severe is CVE-2023-2639?
CVE-2023-2639 has been rated MEDIUM with a CVSS base score of 4.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-2639?
Check the references section above for vendor advisories and patch information. Affected products include: Rockwellautomation Factorytalk Policy Manager, Rockwellautomation Factorytalk System Services.