CVE-2023-46289 HIGH

CVE-2023-46289: Rockwell Automation FactoryTalk® View Site Edition Vulnerable to Improper Input Validation

Vendor Rockwell Automation

Product FactoryTalk® View Site Edition

Weakness CWE-20 · Input validation

Published October 27, 2023

Last update February 27, 2025

View on NVD All CVEs

CVSS base score

7.5/10

Attack vector Network

Attack complexity Low

Privileges required None

User interaction None

Confidentiality None

Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

What the vulnerability does

01Description

Rockwell Automation FactoryTalk View Site Edition insufficiently validates user input, which could potentially allow threat actors to send malicious data bringing the product offline. If exploited, the product would become unavailable and require a restart to recover resulting in a denial-of-service condition.

Key dates

02Disclosure timeline

October 27, 2023 CVE published

February 27, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2023-46289 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/20.html

Related vulnerabilities

Identifiers

CVE CVE-2023-46289

CWE CWE-20

CVSS 7.5 / HIGH

Affected versions