Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Rockwell Automation Unsecured Private Keys in FactoryTalk® System Services
Vulnerability Description
An exposure of sensitive information vulnerability exists in the Rockwell Automation FactoryTalk® System Service. A malicious user could exploit this vulnerability by starting a back-up or restore process, which temporarily exposes private keys, passwords, pre-shared keys, and database folders when they are temporarily copied to an interim folder. This vulnerability is due to the lack of explicit permissions set on the backup folder. If private keys are obtained by a malicious user, they could impersonate resources on the secured network.
CVSS Information
N/A
Vulnerability Type
特权管理不恰当
Vulnerability Title
Rockwell Automation FactoryTalk System Service 安全漏洞
Vulnerability Description
Rockwell Automation FactoryTalk System Service是美国罗克韦尔(Rockwell Automation)公司的一款应用程序。提供实施安全策略所需的策略授权、证书授权、身份服务和部署服务。 Rockwell Automation FactoryTalk System Service存在安全漏洞,该漏洞源于存在敏感信息泄露漏洞,导致攻击者可冒充安全网络上的资源。
CVSS Information
N/A
Vulnerability Type
N/A