ICSA-24-319-14  ·  Published 2024-11-18  ·  Source: CISA ICS-CERT

Rockwell Automation FactoryTalk Updater (Update A)

CVSS 9.1 CRITICAL

Risk Summary

Successful exploitation of these vulnerabilities could result in an authentication bypass, remote code execution, and/or a local privilege escalation.

Remediations

Rockwell Automation recommends the following mitigations:

  • FactoryTalk Updater - Web Client: Update to V4.20.00
  • FactoryTalk Updater - Client: Update to V4.20.00
  • FactoryTalk Updater - Agent: Update to V4.20.00
  • Users of the affected software, FactoryTalk Updater - Client, are encouraged to apply the risk mitigations, if possible.
  • Control access to the server where FactoryTalk Updater is running.
  • Click the 'Scan' button, which will update the database.
  • For information on how to mitigate security risks on industrial automation control systems, Rockwell Automation encourages users to implement its suggested security best practices to minimize the risk of the vulnerabilities.
  • Users can use Stakeholder-Specific Vulnerability Categorization (SSVC) to generate more environment-specific prioritization.
  • For more information about these issues, please see the Rockwell Automation security advisory.

Affected Vendors

Rockwell Automation

Affected Products (3)

Rockwell Automation · FactoryTalk Updater - Web Client: versions >=4.00.00 and <4.20.00
Rockwell Automation · FactoryTalk Updater - Client: versions <4.20.00
Rockwell Automation · FactoryTalk Updater - Agent: versions <4.20.00

Affected Sectors

Critical Manufacturing
