Detections
Analytics
Rockwell FactoryTalk Services Platform 2.74 Authentication Bypass
high Nessus Plugin ID 189258
Synopsis
An application installed on the remote Windows host is affected by a vulnerability.Description
The version of Rockwell FactoryTalk Services Platform installed on the remote Windows host is 2.74. It is, therefore, affected by a vulnerability.- Due to inadequate code logic, a previously unauthenticated threat actor could potentially obtain a local Windows OS user token through the FactoryTalk Services Platform web service and then use the token to log in into FactoryTalk Services Platform. This vulnerability can only be exploited if the authorized user did not previously log in into the FactoryTalk Services Platform web service. (CVE-2023-46290)
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
Solution
Upgrade to Rockwell FactoryTalk Services Platform version 2.80 or later or refer to the vendor advisory for other mitigations.See Also
https://www.cisa.gov/news-events/ics-advisories/icsa-23-299-06
Plugin Details
Severity: High
ID: 189258
File Name: rockwell_factorytalk_services_platform_2_74.nasl
Version: 1.1
Type: local
Agent: windows
Family: SCADA
Published: 1/20/2024
Updated: 1/22/2024
Supported Sensors: Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 5.9
CVSS v2
Risk Factor: High
Base Score: 7.6
Temporal Score: 5.6
Vector: CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C
CVSS Score Source: CVE-2023-46290
CVSS v3
Risk Factor: High
Base Score: 8.1
Temporal Score: 7.1
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
Vulnerability Information
CPE: cpe:/a:rockwellautomation:factorytalk_services_platform
Required KB Items: installed_sw/Rockwell FactoryTalk Services Platform
Exploit Ease: No known exploits are available
Patch Publication Date: 8/31/2015
Vulnerability Publication Date: 10/27/2023
Reference Information
CVE: CVE-2023-46290
ICSA: 23-299-06