CVE-2023-2639
MEDIUMRockwell FactoryTalk System Services - Local WebSocket Origin Validation Bypass
Title source: manualDescription
The underlying feedback mechanism of Rockwell Automation's FactoryTalk System Services that transfers the FactoryTalk Policy Manager rules to relevant devices on the network does not verify that the origin of the communication is from a legitimate local client device. This may allow a threat actor to craft a malicious website that, when visited, will send a malicious script that can connect to the local WebSocket endpoint and wait for events as if it was a valid client device. If successfully exploited, this would allow a threat actor to receive information including whether FactoryTalk Policy Manager is installed and potentially the entire security policy.
References (1)
Core 1
Core References
Permissions Required, Vendor Advisory
https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1139683
Scores
CVSS v3
4.1
EPSS
0.0038
EPSS Percentile
30.0%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:N/A:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
total
Details
CWE
CWE-346
Status
published
Products (2)
rockwellautomation/factorytalk_policy_manager
6.11.0
rockwellautomation/factorytalk_system_services
6.11.0
Published
Jun 13, 2023
Tracked Since
Feb 18, 2026