← Back to home
ICSA-21-054-01  ·  Published 2021-02-23  ·  View on CISA ICS-CERT ↗

Rockwell Automation FactoryTalk Services Platform

CVSS 10.0 CRITICAL

Risk Summary

Successful exploitation of this vulnerability could allow a remote, unauthenticated attacker to create new users in the FactoryTalk Services Platform administration console. These new users could allow an attacker to modify or delete configuration and application data in other FactoryTalk software connected to the FactoryTalk Services Platform.

CVEs (1)

Remediations

  • Rockwell Automation has released a new version of the affected software for download (login required).
  • For more information see the Rockwell Automation security advisory (login required).

Affected Vendors

Rockwell Automation

Affected Products (1)

Rockwell Automation · FactoryTalk Services Platform 6.10.00 | 6.11.00

Affected Sectors

Chemical, Commercial Facilities, Critical Manufacturing, Energy, Government Facilities, Water and Wastewater Systems

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more