Rockwellautomation: >> Factorytalk Alarms And Events Security Vulnerabilities
An unauthenticated attacker with network access to a victim's Rockwell Automation FactoryTalk Alarm and
Events service could open a connection, causing the service to fault and become unavailable. The affected port
could be used as a server ping port and uses messages structured with XML.
CVSS Score
7.5
EPSS Score
0.001
Published
2022-10-27
An Improper Input Validation issue was discovered in Rockwell Automation FactoryTalk Alarms and Events, Version 2.90 and earlier. An unauthenticated attacker with remote access to a network with FactoryTalk Alarms and Events can send a specially crafted set of packets packet to Port 403/TCP (the history archiver service), causing the service to either stall or terminate.
CVSS Score
7.5
EPSS Score
0.0
Published
2017-12-23