CISA has published an advisory on an improper restriction of XML external entity reference vulnerability in Rockwell Automation FactoryTalk Services Platform. Versions 6.11.00 and earlier affected. Successful exploitation of this vulnerability could lead to a denial-of-service condition and to the arbitrary reading of any local file via system level services. Affected users are encouraged to use Rockwell Automation Knowledgebase article 25612 to determine if FactoryTalk Services Platform is installed. CISA also recommends a series of measures to mitigate the vulnerability. Access the advisory at CISA.
You are here
Related Resources
Jul 23, 2024 in Cybersecurity, in OT-ICS Security, in Security Preparedness
Jul 23, 2024 in Cybersecurity, in Security Preparedness
Jul 18, 2024 in Cybersecurity, in Security Preparedness