← Back to home
ICSA-23-257-07  ·  Published 2023-09-14  ·  View on CISA ICS-CERT ↗

Rockwell Automation Pavilion8

CVSS 8.8 HIGH

Risk Summary

Successful exploitation of this vulnerability could allow an attacker to retrieve other user's sessions data.

CVEs (1)

Remediations

  • Rockwell Automation recommends customers apply the following mitigations:
  • Update to v5.20
  • Rockwell Automation encourages customers using the affected software are encouraged to apply the risk mitigations, if possible and to implement the suggested security best practices to minimize the risk of vulnerability.
  • If customers are unable to update to v5.20, please follow the instructions below to disable the vulnerability in v5.17.
  • For more information, see Rockwell Automation's Security Advisory.

Affected Vendors

Rockwell Automation

Affected Products (1)

Rockwell Automation · Pavilion8 5.17.00 | 5.17.01

Affected Sectors

Critical Manufacturing

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more