PN1626 | Cross Site Request Forgery in FactoryTalk® Vantagepoint®

Affected Product	First Known in Software Version	Corrected in Software Version
FactoryTalk® Vantagepoint®	<v8.40	V8.40 and later

Rockwell Automation used the latest version of the CVSS scoring system to assess the following vulnerabilities.

CVE-2023-2444 IMPACT
A cross site request forgery vulnerability exists in the affected product. This vulnerability can be exploited in two ways. If an attacker sends a malicious link to a computer that is on the same domain as the FactoryTalk® Vantagepoint® server and a user clicks the link, the attacker could impersonate the legitimate user and send requests to the affected product.

Additionally, if an attacker sends an untrusted link to a computer that is not on the same domain as the server and a user opens the FactoryTalk® Vantagepoint® website, enters credentials for the FactoryTalk® Vantagepoint® server, and clicks on the malicious link a cross site request forgery attack would be successful as well.

CVSS Base Score: 7.1/10
CVSS Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:H
CWE: CWE-345 Insufficient Verification of Data Authenticity

Known Exploited Vulnerability (KEV) database: No

Customers can use Stakeholder-Specific Vulnerability Categorization to generate more environment specific prioritization.

Customers using the affected software are also encouraged to implement our suggested security best practices to minimize risk associated with the vulnerability.

• Provide training about social engineering attacks, such as phishing.
• QA43240 - Recommended Security Guidelines from Rockwell Automation

Additional Resources

• CVE-2023-2444 JSON