Rockwell warns ICS sector of FactoryTalk View SE v11 vulnerability, recommends upgrade to patched v14.0

Rockwell Automation published a security advisory on Thursday warning of an information leakage vulnerability, caused by a missing authentication restriction, in its FactoryTalk View SE v11. The company said that v14.0 is the corrected software version. 

“The security of our products is important to us as your chosen industrial automation supplier,” Rockwell said in its latest advisory. “This anomaly was found internally during routine testing and is being reported based on our commitment to customer transparency and to improve their business or production environments.”

The advisory added that a user authentication vulnerability exists in the affected product. “The vulnerability allows a user from a remote system with FTView to send a packet to the customer’s server to view an HMI project. Due to the lack of proper authentication, this action is allowed without proper authentication verification.”

Rockwell Automation scored the vulnerability under both CVSS v3.1 and CVSS v4.0. The CVSS v3.1 base score is 9.8 out of 10 and the CVSS v4.0 base score is 9.2 out of 10; both fall in the Critical range.

FactoryTalk View SE meets the demands of a modern HMI (Human Machine Interface) connecting people to the information they need to do their jobs. With production hardware and software integration, tools that let operators access the information they need, and support for new technologies, FactoryTalk View SE makes it possible to deliver the information required to make faster and better decisions. From a single workstation up to a complex distributed system, FactoryTalk View SE is the tested solution with the flexibility required.

Users of the affected software who cannot upgrade to the corrected version are encouraged to apply security best practices where possible. Rockwell recommends that users enforce proper access controls within the network and segment networks containing sensitive information, for example using IPsec. Since the flaw is a missing authentication check on packets sent by a remote FTView system, limiting which hosts can reach the server at all is the most direct compensating control until the upgrade is done. 
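As an added illustration of the access-control and IPsec mitigation above (this is not code from the Rockwell advisory or from Rockwell), the following PowerShell configures a default-deny inbound firewall posture on a FactoryTalk View SE server host and only allows IPsec-authenticated traffic from an allow-list of HMI client and engineering-station addresses. The address ranges, rule names and the use of Kerberos machine authentication (domain-joined hosts) are assumptions; substitute certificate-based authentication where hosts are not domain members.

```powershell
# Added example, not from the advisory: compensating network controls on a
# FactoryTalk View SE server that cannot yet be upgraded to v14.0.
# Assumptions: Windows host with the NetSecurity module, run as Administrator;
# the addresses below are placeholders for the real client/engineering hosts.
$AllowedClients = @('10.20.30.0/24', '10.20.40.15')   # placeholder HMI client subnet and engineering station

# 1. Default-deny inbound on every profile; the explicit allow rule below is the only way in.
Set-NetFirewallProfile -Profile Domain,Private,Public -DefaultInboundAction Block

# 2. IPsec: require authenticated inbound traffic from the allow-listed peers, request it outbound.
#    Kerberos machine auth assumes domain-joined hosts (assumption); use -Cert/-Authority otherwise.
$proposal = New-NetIPsecAuthProposal -Machine -Kerberos
$authSet  = New-NetIPsecPhase1AuthSet -DisplayName 'FTView-Machine-Auth' -Proposal $proposal
New-NetIPsecRule -DisplayName 'FTView-Require-IPsec' -RemoteAddress $AllowedClients `
    -InboundSecurity Require -OutboundSecurity Request -Phase1AuthSet $authSet.Name

# 3. Firewall: only allow-listed peers that completed IPsec authentication may reach the server.
New-NetFirewallRule -DisplayName 'FTView-Allow-Authenticated-Clients' -Direction Inbound `
    -RemoteAddress $AllowedClients -Action Allow -Authentication Required -Profile Any

# 4. Verify what is actually in force before trusting it.
Get-NetFirewallRule -DisplayName 'FTView-*' | Format-Table DisplayName, Enabled, Direction, Action
Get-NetIPsecRule -DisplayName 'FTView-*' | Format-Table DisplayName, InboundSecurity, OutboundSecurity
```

This reduces who can send the unauthenticated packet to the server; it does not restore the missing authentication check, so any allow-listed host that is itself compromised can still view HMI projects. Apply it on every server in a distributed FactoryTalk View SE system, and confirm that legitimate clients still connect before leaving the default-deny profile in place.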

The disclosure from Rockwell arrives amidst observations from Joe Weiss, an ICS cybersecurity expert, who noted that cyber incidents in control systems demand specialized expertise that is not widely available. He also observed that changes in government reporting requirements and a lack of training in recognizing control system incidents as cyber-related allow these incidents to persist, potentially leading to catastrophic consequences.

“Control system cyber incidents continue to occur with potential or actual catastrophic consequences in every sector,” Weiss wrote in a Thursday blog post. “The training to recognize control system incidents as being cyber-related is missing. Identifying control system incidents as being cyber-related is complicated when government and industry organizations rush to judgement by stating that incidents weren’t cyberattacks without knowing the actual cause or set reporting thresholds that exclude many actual incidents.”
