Danger Alert: Remote Exploit Threat in Rockwell Automation Systems!
Rockwell Automation’s FactoryTalk Historian ThingWorx has a vulnerability rated CVSS v4 9.3, which could let remote attackers exploit improperly restricted XML external entities (XXE). The good news? A product update is available. The bad news? You might want to update those firewalls and VPNs while you’re at it. Stay secure, folks!

Hot Take:
In the latest installment of “Oops, We Did It Again,” we take a look at Rockwell Automation’s precarious dance with XML external entities. It seems like their FactoryTalk Historian ThingWorx has been moonlighting as a potential security breach, thanks to an oversight that could allow hackers an all-access pass to your systems. But don’t worry, Rockwell Automation swears they’ve got the antidote in the form of a shiny new update. Just don’t forget to turn off your Internet connection while you’re at it!
Key Points:
– Rockwell Automation’s FactoryTalk Historian ThingWorx has a vulnerability due to improper restriction of XML external entities.
– The affected product is 95057C-FTHTWXCT11, versions v4.02.00 and prior.
– XXE-based attacks are possible when the product runs with Apache log4net versions before 2.0.10.
– A CVSS v4 score of 9.3 makes this a high-severity issue.
– Rockwell Automation has released an update to mitigate the vulnerability.
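To show the defensive side of the vulnerability class named above, here is an added example (not Rockwell Automation’s or Apache log4net’s code, and not a description of how either fixed anything) of a hardened loader for a log4net-style XML configuration. It assumes a config shaped like log4net’s `<log4net><appender name="..." type="..."/></log4net>`, uses only the Python standard library’s expat parser, and refuses any DTD before a single entity can be declared or resolved. The two sample documents are constructed for the example; the “hostile” one uses an obvious placeholder path. For a .NET consumer the equivalent hardening is `XmlReaderSettings` with `DtdProcessing = DtdProcessing.Prohibit` and `XmlResolver = null`.

```python
"""Hardened loader for a log4net-style XML configuration (added example).

Mitigation pattern: refuse any DOCTYPE/entity declaration up front, so an
external entity can never be declared, let alone fetched. This is the same
idea as .NET's DtdProcessing.Prohibit, expressed with Python's stdlib expat.
"""
import xml.parsers.expat


class XxeRejected(Exception):
    """Raised when a configuration document carries a DTD or entity declaration."""


def load_log4net_config(xml_text):
    """Return {appender_name: appender_type} for a log4net-style document.

    Raises XxeRejected as soon as a DOCTYPE, entity declaration or external
    entity reference is seen, before any content after it is processed.
    """
    parser = xml.parsers.expat.ParserCreate()
    appenders = {}

    def on_doctype(name, system_id, public_id, has_internal_subset):
        # <!DOCTYPE ...> is reported before any entity inside it; stopping here
        # is the expat equivalent of prohibiting DTD processing entirely.
        raise XxeRejected(f"DOCTYPE '{name}' is not allowed in a configuration file")

    def on_entity_decl(name, is_param, value, base, system_id, public_id, notation):
        # Defence in depth: would only fire if a DTD somehow got past on_doctype.
        raise XxeRejected(f"entity declaration '{name}' is not allowed")

    def on_external_entity_ref(context, base, system_id, public_id):
        # Never resolve anything external (file, http, ...), whatever the reason.
        raise XxeRejected("external entity reference refused")

    def on_start(tag, attrs):
        # Hypothetical, minimal view of a log4net config: collect appenders.
        if tag == "appender" and "name" in attrs:
            appenders[attrs["name"]] = attrs.get("type", "")

    parser.StartDoctypeDeclHandler = on_doctype
    parser.EntityDeclHandler = on_entity_decl
    parser.ExternalEntityRefHandler = on_external_entity_ref
    parser.StartElementHandler = on_start
    parser.Parse(xml_text, True)  # exceptions raised in handlers propagate here
    return appenders


def rejects(xml_text):
    """True if the hardened loader refuses the document, False if it parses."""
    try:
        load_log4net_config(xml_text)
    except XxeRejected:
        return True
    return False


# Constructed sample: an ordinary log4net-style configuration.
BENIGN_CONFIG = """<?xml version="1.0" encoding="utf-8"?>
<log4net>
  <appender name="Console" type="log4net.Appender.ConsoleAppender"/>
  <appender name="File" type="log4net.Appender.RollingFileAppender"/>
</log4net>
"""

# Constructed sample: the same document with a DTD declaring an external
# entity. The SYSTEM identifier is a placeholder; the loader never reads it.
HOSTILE_CONFIG = """<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE log4net [
  <!ENTITY ext SYSTEM "file:///PLACEHOLDER-PATH">
]>
<log4net>
  <appender name="Console" type="log4net.Appender.ConsoleAppender">&ext;</appender>
</log4net>
"""


if __name__ == "__main__":
    print("benign  ->", load_log4net_config(BENIGN_CONFIG))
    print("hostile -> rejected:", rejects(HOSTILE_CONFIG))
```

The important design point is where the check sits: the refusal happens on the DOCTYPE callback, so no entity body is ever interpreted and nothing is ever fetched, which is exactly what a parser with DTD processing left enabled fails to guarantee. A detection-minded variant of the same handlers can log the DOCTYPE name and SYSTEM identifier instead of raising, which gives a cheap triage signal for configuration files that should never contain a DTD at all.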