Vulnerabilities > Rockwellautomation > Factorytalk Services Platform > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-31 | CVE-2024-21917 | Improper Verification of Cryptographic Signature vulnerability in Rockwellautomation Factorytalk Services Platform A vulnerability exists in Rockwell Automation FactoryTalk® Service Platform that allows a malicious user to obtain the service token and use it for authentication on another FTSP directory. | 9.1 |
| 2021-03-18 | CVE-2020-14516 | Unspecified vulnerability in Rockwellautomation Factorytalk Services Platform 6.10.00/6.11.00 In Rockwell Automation FactoryTalk Services Platform Versions 6.10.00 and 6.11.00, there is an issue with the implementation of the SHA-256 hashing algorithm with FactoryTalk Services Platform that prevents the user password from being hashed properly. | 10.0 |
| 2021-03-03 | CVE-2021-22681 | Insufficiently Protected Credentials vulnerability in Rockwellautomation products Rockwell Automation Studio 5000 Logix Designer Versions 21 and later, and RSLogix 5000 Versions 16 through 20 use a key to verify Logix controllers are communicating with Rockwell Automation CompactLogix 1768, 1769, 5370, 5380, 5480: ControlLogix 5550, 5560, 5570, 5580; DriveLogix 5560, 5730, 1794-L34; Compact GuardLogix 5370, 5380; GuardLogix 5570, 5580; SoftLogix 5800. | 9.8 |
| 2020-03-23 | CVE-2020-6967 | Deserialization of Untrusted Data vulnerability in Rockwellautomation Factorytalk Services Platform In Rockwell Automation all versions of FactoryTalk Diagnostics software, a subsystem of the FactoryTalk Services Platform, FactoryTalk Diagnostics exposes a .NET Remoting endpoint via RNADiagnosticsSrv.exe at TCPtcp/8082, which can insecurely deserialize untrusted data. | 9.8 |