ICSA-20-051-02  ·  Published 2020-02-20

Rockwell Automation FactoryTalk Diagnostics

CVSS 9.8 CRITICAL

Risk Summary

Successful exploitation of this vulnerability could allow a remote, unauthenticated attacker to execute arbitrary code with SYSTEM-level privileges.

CVEs (1)

Remediations

  • Rockwell Automation is currently working to develop updated software that addresses the reported vulnerability.
  • Disable the Remote Diagnostics Service if not in use.
  • If the service is in use, use Windows Firewall Configuration to disable the affected port.
  • For more information, please see Rockwell Automation's security advisory (login required).

Affected Vendors

Rockwell Automation

Affected Products (1)

Rockwell Automation · FactoryTalk Diagnostics software Versions 2.00 to 6.11

Affected Sectors

Food and Agriculture, Transportation Systems, Water and Wastewater Systems
