PN1629 | Denial-of-Service Vulnerability in FactoryTalk® Transaction Manager

Affected Product	First Known in Software Version	Corrected in Software Version
FactoryTalk® Transaction Manager	<=v13.10	BF29042 - Patch: Multiple issues, FactoryTalk Transaction Manager 13.00/13.10

Rockwell Automation used the latest version of the CVSS scoring system to assess the following vulnerabilities. The security of our products is important to us as your chosen industrial automation supplier.  This anomaly was found internally during routine testing and is being reported based on our commitment to customer transparency and to improve their business or production environments.

CVE-2023-2778 IMPACT
A denial-of-service (DoS) vulnerability exists in the affected products. This vulnerability can be exploited by sending a modified packet to port 400. If exploited, the application could potentially crash or experience a high CPU or memory usage condition, causing intermittent application functionality issues. The application would need to be restarted to recover from the DoS.

CVSS Base Score 7.5
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CWE: CWE-400 Uncontrolled Resource Consumption

Known Exploited Vulnerability (KEV) database: No

Customers can use Stakeholder-Specific Vulnerability Categorization to generate more environment specific prioritization.

Customers using the affected software are encouraged to apply the risk mitigations below, if possible. Additionally, we encourage our customers to implement our suggested security best practices to minimize the risk of the vulnerability.

• Customers should follow the instructions in BF29042 - Patch: Multiple issues, FactoryTalk Transaction Manager 13.00/13.10 to install the patch to mitigate the issue.
• QA43240 - Recommended Security Guidelines from Rockwell Automation

Additional Resources

• CVE-2023-2778 JSON