HomeVulnerabilityMicrosoft Uncovers Vital Flaws in Rockwell Automation PanelView Plus

Microsoft Uncovers Vital Flaws in Rockwell Automation PanelView Plus

Microsoft has revealed two security flaws in Rockwell Automation PanelView Plus that could possibly be weaponized by distant, unauthenticated attackers to execute arbitrary code and set off a denial-of-service (DoS) situation.

“The [remote code execution] vulnerability in PanelView Plus entails two customized lessons that may be abused to add and cargo a malicious DLL into the system,” security researcher Yuval Gordon mentioned.

“The DoS vulnerability takes benefit of the identical customized class to ship a crafted buffer that the system is unable to deal with correctly, thus resulting in a DoS.”

Cybersecurity

The record of shortcomings is as follows –

  • CVE-2023-2071 (CVSS rating: 9.8) – An improper enter validation vulnerability that permits unauthenticated attackers to realize distant code executed through crafted malicious packets.
  • CVE-2023-29464 (CVSS rating: 8.2) – An improper enter validation vulnerability that permits an unauthenticated menace actor to learn knowledge from reminiscence through crafted malicious packets and lead to a DoS by sending a packet bigger than the buffer measurement
See also  Microsoft Might 2024 Patch Tuesday fixes 3 zero-days, 61 flaws

Profitable exploitation of the dual flaws permits an adversary to execute code remotely or result in info disclosure or a DoS situation.

Rockwell Automation PanelView Plus

Whereas CVE-2023-2071 impacts FactoryTalk View Machine Version (variations 13.0, 12.0, and prior), CVE-2023-29464 impacts FactoryTalk Linx (variations 6.30, 6.20, and prior).

It is price noting that advisories for the failings have been launched by Rockwell Automation on September 12, 2023, and October 12, 2023, respectively. The U.S. Cybersecurity and Infrastructure Safety Company (CISA) launched its personal alerts on September 21 and October 17.

Cybersecurity

The disclosure comes as unknown menace actors are believed to be exploiting a just lately disclosed vital security flaw in HTTP File Server (CVE-2024-23692, CVSS rating: 9.8) to ship cryptocurrency miners and trojans equivalent to Xeno RAT, Gh0st RAT, and PlugX.

The vulnerability, described as a case of template injection, permits a distant, unauthenticated attacker to execute arbitrary instructions on the affected system by sending a specifically crafted HTTP request.

See also  TP-Hyperlink fixes vital RCE bug in widespread C5400X gaming router

- Advertisment -spot_img
RELATED ARTICLES

LEAVE A REPLY

Please enter your comment!
Please enter your name here

- Advertisment -

Most Popular