Severity:
High
Advisory ID:
PN1605
公開日:
October 27, 2022
最終更新日:
October 16, 2024
Revision Number:
1.0
Known Exploited Vulnerability (KEV):
いいえ
Corrected:
いいえ
Workaround:
はい
CVE IDs
CVE-2022-38744
ダウンロード
The following link(s) provide the security advisory in Vulnerability Exploitability Exchange format:
概要
FactoryTalk Alarm and Events Server Vulnerable to Denial-Of-Service Attack
Revision History
Revision History
Version 1.0 – October 27, 2022
Executive Summary
Rockwell Automation received a report from Kaspersky Labs regarding one vulnerability in FactoryTalk® Alarms and Events servers. If successfully exploited, these vulnerabilities may result in a denial-of-service condition causing the server to be unavailable.
Customers using affected versions of this software are encouraged to evaluate the following mitigations and apply them appropriately to their deployed products. Additional details relating to the discovered vulnerability, including affected products and recommended countermeasures, are provided.
Customers using affected versions of this software are encouraged to evaluate the following mitigations and apply them appropriately to their deployed products. Additional details relating to the discovered vulnerability, including affected products and recommended countermeasures, are provided.
Affected Products
FactoryTalk Alarms and Events server – All versions
Vulnerability Details
CVE-2022-38744 FactoryTalk Alarm and Events server vulnerable to denial-of-service attack
An unauthenticated attacker with network access to a victim's FactoryTalk service could open a connection, causing the service to fault and become unavailable. The affected port can be used as a server ping port and use messages structured with XML.
CVSS v3.1 Base Score: 7.5/10[MEDIUM]
CVSS v3.1 Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
An unauthenticated attacker with network access to a victim's FactoryTalk service could open a connection, causing the service to fault and become unavailable. The affected port can be used as a server ping port and use messages structured with XML.
CVSS v3.1 Base Score: 7.5/10[MEDIUM]
CVSS v3.1 Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Risk Mitigation & User Action
Customers using the affected software are encouraged to set up the secondary mitigation as described below that addresses the associated risk. Customers are also directed towards general risk mitigation strategies provided in QA43240 - Recommended Security Guidelines from Rockwell Automation , in our Knowledgebase.
Vulnerability | Suggested Actions |
CVE-2022-38744 | Customers should set up IPsec to mitigate this issue as detailed in QA46277 - Deploying FactoryTalk Software with IPsec |
General Security Guidelines
General security guidelines can be found in QA43240 - Recommended Security Guidelines from Rockwell Automation .
Requests for additional information can be sent to the PSIRT Inbox (PSIRT@rockwellautomation.com).
Requests for additional information can be sent to the PSIRT Inbox (PSIRT@rockwellautomation.com).
Additional Links
Copyright ©2022 Rockwell Automation, Inc.