Vulnerabilities in ICS-specific backup solution open industrial facilities to attack
2021-04-07 05:15

Claroty researchers have found and privately disclosed nine vulnerabilities affecting Rockwell Automation's FactoryTalk AssetCentre, an ICS-specific backup solution.

Rockwell Automation's FactoryTalk AssetCentre is a centralized tool for securing, managing, versioning, tracking and reporting automation-related asset information across industrial facilities.

The AssetCentre solution consists of a main server, an MS-SQL server database, clients, and remote software agents running on engineering workstations.

"Operators can perform backup and restore, and version control functions from AssetCentre for all PLCs running on a factory floor, for example," the researchers explained.

"ICS-specific backup solutions such as FactoryTalk AssetCentre are key elements that enable quick disaster recovery in the event of, for example, a targeted ransomware attack. In industries where downtime is unacceptable, and especially where public safety may be impacted, organizations must have a reliable backup available."

Three of the discovered flaws are deserialization vulnerabilities that may allow an unauthenticated attacker to remotely execute arbitrary code in FactoryTalk AssetCentre. Another is a similar flaw that may allow an unauthenticated local attacker to gain full access to the FactoryTalk AssetCentre main server and agent machines and remotely execute code.


News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/_RuPIUErP2w/