CISA has published an advisory on an improper restriction of XML external entity reference vulnerability in Rockwell Automation FactoryTalk Services Platform. Versions 6.11.00 and earlier affected. Successful exploitation of this vulnerability could lead to a denial-of-service condition and to the arbitrary reading of any local file via system level services. Affected users are encouraged to use Rockwell Automation Knowledgebase article 25612 to determine if FactoryTalk Services Platform is installed. CISA also recommends a series of measures to mitigate the vulnerability. Access the advisory at CISA.
You are here
Related Resources
Dec 12, 2024 in Cybersecurity, in Federal & State Resources, in Security Preparedness
Dec 12, 2024 in Cybersecurity, in OT-ICS Security, in Security Preparedness
Dec 12, 2024 in Cybersecurity, in OT-ICS Security, in Federal & State Resources