CVE-2023-2638 MEDIUM

CVE-2023-2638: Rockwell Automation FactoryTalk System Services Vulnerable to a Denial-of-Service Attack

Vendor Rockwell Automation
Product FactoryTalk System Services
Weakness CWE-287 · Improper authentication
Published June 13, 2023
Last update January 2, 2025

CVSS base score

5.9/10
Attack vector Local
Attack complexity Low
Privileges required Low
User interaction Required
Confidentiality None
Integrity None

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:N/A:H

What the vulnerability does

01Description

Rockwell Automation's FactoryTalk System Services does not verify that a backup configuration archive is password protected.   Improper authorization in FTSSBackupRestore.exe may lead to the loading of malicious configuration archives.  This vulnerability may allow a local, authenticated non-admin user to craft a malicious backup archive, without password protection, that will be loaded by FactoryTalk System Services as a valid backup when a restore procedure takes places. User interaction is required for this vulnerability to be successfully exploited.

Key dates

02Disclosure timeline

June 13, 2023 CVE published
January 2, 2025 Record updated