CVE-2023-2638

MEDIUM

Rockwell Automation's FactoryTalk System Services - Auth Bypass

Title source: llm

Description

Rockwell Automation's FactoryTalk System Services does not verify that a backup configuration archive is password protected. Improper authorization in FTSSBackupRestore.exe may lead to the loading of malicious configuration archives. This vulnerability may allow a local, authenticated non-admin user to craft a malicious backup archive, without password protection, that will be loaded by FactoryTalk System Services as a valid backup when a restore procedure takes places. User interaction is required for this vulnerability to be successfully exploited.

References (1)

Core 1

Core References

Permissions Required, Vendor Advisory

https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1139683

Scores

CVSS v3 5.9

EPSS 0.0000

EPSS Percentile 0.1%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-287

Status published

Products (2)

rockwellautomation/factorytalk_policy_manager 6.11.0

rockwellautomation/factorytalk_system_services 6.11.0

Published Jun 13, 2023

Tracked Since Feb 18, 2026