FactoryTalk Linx Exploit: When Your Factory Gets Hacked on a Coffee Break!
View CSAF: Rockwell Automation’s FactoryTalk Linx has a bit of a privilege problem. Due to low attack complexity, the vulnerabilities allow attackers to waltz in with SYSTEM-level access, enjoying full control. Rockwell suggests patching up your systems and avoiding shady emails for good measure. No remote exploits yet, but better safe than sorry!
Hot Take:
Rockwell Automation’s FactoryTalk Linx has a vulnerability so potent, it could turn a regular IT day into a scene from a hacker’s paradise movie. With low attack complexity, it’s like handing out VIP passes to your system’s core. So if your idea of fun isn’t sharing your system’s deepest secrets with a hacker, you might want to patch it up pronto!
Key Points:
– Vulnerabilities in Rockwell Automation’s FactoryTalk Linx could allow full access to system resources.
– Affected versions are 6.40 and prior, with CVSS v4 score of 8.5.
– The vulnerabilities are linked to issues with x86 MSI and x64 MSI repair functionalities.
– Rockwell Automation recommends installing Microsoft patches and upgrading to version 6.50.
– CISA advises against clicking on unsolicited links and recommends following ICS security best practices.