Revision History
Revision Number
1.0
Revision History
Version 1.0 – September 12, 2023
Affected Products
| Affected Product | First Known in Revision | Corrected in Revision |
| FactoryTalk View Machine Edition | v12.0 | v12.0 & v13.0 patch |
Vulnerability Details
Rockwell Automation used the latest version of the CVSS scoring system to assess the following vulnerabilities. Rockwell Automation would like to thank Yuval Gordon, CPS Research, and the Microsoft Threat Intelligence Community for reporting this vulnerability to us.
CVE-2023-2071 IMPACT
FactoryTalk View Machine Edition on the PanelView Plus, improperly verifies user’s input, which allows unauthenticated attacker to achieve remote code executed via crafted malicious packets. The device has the functionality, through a CIP class, to execute exported functions from libraries. There is a routine that restricts it to execute specific functions from two dynamic link library files. By using a CIP class, an attacker can upload a self-made library to the device which allows the attacker to bypass the security check and execute any code written in the function.
CVSS Base Score: 9.8/10 (high)
CVSS Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE: 20 – Improper Input Validation
Risk Mitigation & User Action
Customers using the affected versions are encouraged to upgrade to corrected firmware revisions. We also strongly encourage customers to implement our suggested security best practices to minimize the risk of the vulnerability.
- Install the security patches for the respective versions referencing BF29493 - Patch: FactoryTalk Linx CIP Vulnerability issue, FactoryTalk View ME 12.0, 13.0.
- QA43240 - Recommended Security Guidelines from Rockwell Automation
Additional Resources
