First published: Fri Feb 16 2024(Updated: )
A privilege escalation vulnerability exists in Rockwell Automation FactoryTalk® Service Platform (FTSP). If exploited, a malicious user with basic user group privileges could potentially sign into the software and receive FTSP Administrator Group privileges. A threat actor could potentially read and modify sensitive data, delete data and render the FTSP system unavailable.
Credit: PSIRT@rockwellautomation.com
Affected Software | Affected Version | How to fix |
---|---|---|
Rockwellautomation Factorytalk Services Platform | <2.74 |
* Update to v2.74 or later. * Customers using the affected software are encouraged to apply the risk mitigations, if possible. Additionally, we encourage customers to implement our suggested security best practices to minimize the risk of vulnerability. * Security Best Practices https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.