Rockwell Automation FactoryTalk DataMosaix

Summary

A Stored Cross-Site Scripting (XSS) vulnerability has been identified in Rockwell Automation FactoryTalk DataMosaix Private Cloud versions less than or equal to 8.02. Successful exploitation by an authenticated attacker could allow for the injection and permanent storage of malicious scripts on the server, leading to potential account takeover or credential theft when other users access affected pages.

IFF Assessment

FOE

This vulnerability allows an attacker to inject malicious scripts, which can lead to account takeover and credential theft, posing a direct threat to defenders.

Severity

6.1 Medium

The CVSS score of 6.1 reflects a medium severity, indicating that while an attacker needs authentication and high privileges, the impact of cross-site scripting can be significant, including account takeover and credential theft.

Defender Context

This alert highlights a Stored XSS vulnerability in an industrial control system component, emphasizing the need for defenders to prioritize patching and hardening systems that manage critical manufacturing and IT infrastructure. Organizations should monitor for indicators of compromise related to script injection and ensure strong authentication mechanisms are in place.

Read Full Story →