CVE-2023-2637: Rockwell Automation FactoryTalk System Services Vulnerable To Use Of Hard-Coded Cryptographic Key
First published: Tue Jun 13 2023(Updated: )
Rockwell Automation's FactoryTalk System Services uses a hard-coded cryptographic key to generate administrator cookies. Hard-coded cryptographic key may lead to privilege escalation. This vulnerability may allow a local, authenticated non-admin user to generate an invalid administrator cookie giving them administrative privileges to the FactoryTalk Policy Manger database. This may allow the threat actor to make malicious changes to the database that will be deployed when a legitimate FactoryTalk Policy Manager user deploys a security policy model. User interaction is required for this vulnerability to be successfully exploited.
Credit: PSIRT@rockwellautomation.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Rockwellautomation Factorytalk Policy Manager | =6.11.0 | |
| Rockwellautomation Factorytalk System Services | =6.11.0 |
Remedy
Customers using the affected software are encouraged to apply the risk mitigations, if possible. * Upgrade to 6.30.00 https://compatibility.rockwellautomation.com/Pages/MultiProductCompareSelections.aspx or later which has been patched to mitigate these issues.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2023-2637?
The severity of CVE-2023-2637 is high with a severity value of 8.2.
How does Rockwell Automation's FactoryTalk System Services generate administrator cookies?
Rockwell Automation's FactoryTalk System Services uses a hard-coded cryptographic key to generate administrator cookies.
What is the risk of the hard-coded cryptographic key in CVE-2023-2637?
The hard-coded cryptographic key in CVE-2023-2637 may lead to privilege escalation.
Who can exploit the vulnerability in CVE-2023-2637?
A local, authenticated non-admin user can exploit the vulnerability in CVE-2023-2637.
How can I fix the vulnerability in Rockwell Automation's FactoryTalk System Services version 6.11.0?
To fix the vulnerability in Rockwell Automation's FactoryTalk System Services version 6.11.0, apply the recommended security patches or updates provided by Rockwell Automation.
- collector/nvd-index
- agent/weakness
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/remedy
- agent/author
- agent/references
- agent/title
- agent/description
- agent/tags
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- vendor/rockwellautomation
- canonical/rockwellautomation factorytalk policy manager
- version/rockwellautomation factorytalk policy manager/6.11.0
- canonical/rockwellautomation factorytalk system services
- version/rockwellautomation factorytalk system services/6.11.0