Rockwell Automation FactoryTalk Historian Site Edition
Summary
Multiple vulnerabilities have been identified in Rockwell Automation FactoryTalk Historian Site Edition, specifically affecting version 11 and earlier. Successful exploitation could allow an attacker to obtain authentication tokens, cause denial of service, or crash the system. Rockwell Automation provides mitigations and recommends applying a patch (BF32850) for affected versions.
IFF Assessment
These vulnerabilities allow attackers to gain unauthorized access, disrupt operations, or crash critical systems in industrial control environments, posing a significant threat to defenders.
Severity
The CVSS score of 7.7 reflects vulnerabilities that allow for authentication bypass and system crashes, impacting confidentiality and availability. The attack vector involves network access and can exploit race conditions and uncaught exceptions.
Defender Context
This alert highlights critical vulnerabilities in Rockwell Automation's FactoryTalk Historian Site Edition, a component often used in critical manufacturing and industrial control systems. Defenders should prioritize patching or applying mitigations to these systems to prevent unauthorized access and operational disruption. The presence of authentication bypass vulnerabilities is a significant concern, requiring diligent monitoring and security control enforcement.