SD1657 | Security Advisory | Rockwell Automation

Severity:

High,

Critical

Advisory ID:

SD1657

发布日期:

November 15, 2023

上次更新时间:

November 19, 2024

Revision Number:

1.0

Known Exploited Vulnerability (KEV):

否

Corrected:

否

Workaround:

否

CVE IDs

CVE-2023-38545,

CVE-2023-3935

下载

The following link(s) provide the security advisory in Vulnerability Exploitability Exchange format:

JSON

摘要

FactoryTalk® Activation Contains Wibu CodeMeter Vulnerabilities

Published Date: November 14, 2023

Last updated: November 14, 2023

Revision Number: 1.0

CVSS Score: 7.8

AFFECTED PRODUCTS AND SOLUTION

Affected Product (automated)	First Known in Software Version	Corrected in Software Version
FactoryTalk Activation Manager	V4.00 (Utilizes Wibu-Systems CodeMeter <7.60c)	5.01

VULNERABILITY DETAILS

Rockwell Automation used version 3.1 of the CVSS scoring system to assess the following vulnerabilities.

CVE-2023-38545 IMPACT

Rockwell Automation FactoryTalk Activation Manager and Studio 5000 Logix Designer uses the affected Wibu-Systems’ products which internally use the libcurl in a version that is vulnerable to a buffer overflow attack if curl is configured to redirect traffic through a SOCKS5 proxy. A malicious proxy can exploit a bug in the implemented handshake to cause a buffer overflow. If no SOCKS5 proxy has been configured, there is no attack surface.

CVSS Base Score: 7.9

CVSS Vector: CVSS:3.1/ AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-787 Out-of-bounds Write

Known Exploited Vulnerability (KEV) database: No

CVE-2023-3935 IMPACT

Rockwell Automation FactoryTalk Activation Manager and Studio 5000 Logix Designer uses the affected Wibu-Systems’ products which contain a heap buffer overflow vulnerability in Wibu CodeMeter Runtime network service up to version 7.60b that allows an unauthenticated, remote attacker to achieve RCE and gain full access of the host system.

CVSS Base Score: 9.8

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-787 Out-of-bounds Write

Known Exploited Vulnerability (KEV) database: No

Customers can use Stakeholder-Specific Vulnerability Categorization to generate more environment-specific prioritization.

Mitigations and Workarounds

Customers using the affected software are encouraged to apply the risk mitigations, if possible.

Upgrade to FactoryTalk Activation Manager 5.01 which has been patched to mitigate these issues (Available versions here, search "activation")
For information on how to mitigate Security Risks on industrial automation control systems Additionally, we encourage the customer to implement our suggested security best practices to minimize risk of the vulnerability.

ADDITIONAL RESOURCES