Microsoft Uncovers Critical Flaws in Rockwell Automation PanelView Plus
2024-07-04 09:10

Microsoft has identified two critical vulnerabilities in Rockwell Automation's PanelView Plus that allow remote, unauthenticated attackers to execute arbitrary code and cause a denial-of-service (DoS) condition. Researcher Yuval Gordon explained that the remote code execution flaw abuses custom classes to upload malicious DLLs, while the DoS vulnerability involves sending crafted buffers that the device cannot handle, crashing the system.

The vulnerabilities, CVE-2023-2071 and CVE-2023-29464, with CVSS scores of 9.8 and 8.2, respectively, involve improper input validation. CVE-2023-2071 affects FactoryTalk View Machine Edition versions 13.0, 12.0, and earlier, allowing remote code execution. CVE-2023-29464 impacts FactoryTalk Linx versions 6.30, 6.20, and earlier, enabling data reading from memory and DoS through oversized packets.

Rockwell Automation issued advisories on September 12 and October 12, 2023, with CISA alerts following on September 21 and October 17. Meanwhile, threat actors are exploiting a critical HTTP File Server flaw (CVE-2024-23692, CVSS score: 9.8) to deliver cryptocurrency miners and trojans like Xeno RAT, Gh0st RAT, and PlugX through template injection, allowing remote command execution via crafted HTTP requests.


News URL

https://thehackernews.com/2024/07/microsoft-uncovers-critical-flaws-in.html

Related Vulnerability

DATE: 2024-05-31
CVE: CVE-2024-23692
VULNERABILITY TITLE: Code Injection vulnerability in Rejetto Http File Server
Rejetto HTTP File Server, up to and including version 2.3m, is vulnerable to a template injection vulnerability.
network, low complexity, rejetto, CWE-94
RISK: critical, 9.8

DATE: 2023-10-13
CVE: CVE-2023-29464
VULNERABILITY TITLE: Out-of-bounds Write vulnerability in Rockwellautomation Factorytalk Linx 6.20/6.30
FactoryTalk Linx, in the Rockwell Automation PanelView Plus, allows an unauthenticated threat actor to read data from memory via crafted malicious packets.
network, low complexity, rockwellautomation, CWE-787
RISK: critical, 9.1

DATE: 2023-09-12
CVE: CVE-2023-2071
VULNERABILITY TITLE: Unrestricted Upload of File with Dangerous Type vulnerability in Rockwellautomation Factorytalk View
Rockwell Automation FactoryTalk View Machine Edition on the PanelView Plus improperly verifies user input, which allows an unauthenticated attacker to achieve remote code execution via crafted malicious packets.
network, low complexity, rockwellautomation, CWE-434
RISK: critical, 9.8

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Microsoft 704 780 4540 4592 3624 13536