← Back to home
ICSA-20-177-02  ·  Published 2020-06-25  ·  View on CISA ICS-CERT ↗

Rockwell Automation FactoryTalk Services Platform XXE

CVSS 8.4 HIGH

Risk Summary

Successful exploitation of this vulnerability could lead to a denial-of-service condition and to the arbitrary reading of any local file via system level services.

CVEs (1)

Remediations

  • Affected users are encouraged to use Rockwell Automation Knowledgebase article 25612 to determine if FactoryTalk Services Platform is installed.
  • For more information please see Rockwell Automation Knowledgebase article 1092746

Affected Vendors

Rockwell Automation

Affected Products (1)

Rockwell Automation · FactoryTalk Services Platform <= 6.11.00

Affected Sectors

Food and Agriculture, Transportation Systems, Water and Wastewater Systems

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more