July 4, 2024 at 06:37AM
Microsoft has disclosed two security vulnerabilities in Rockwell Automation PanelView Plus, which could be exploited by remote attackers for remote code execution and denial-of-service (DoS) attacks. These flaws are tracked as CVE-2023-2071 and CVE-2023-29464, impacting FactoryTalk View Machine Edition and FactoryTalk Linx. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has also issued alerts regarding these vulnerabilities. Additionally, there are reports of threat actors exploiting another critical security flaw in the HTTP File Server to deliver cryptocurrency miners and trojans.
Based on the meeting notes, the key points are:
– Microsoft has identified two security flaws in Rockwell Automation PanelView Plus, which could be exploited by remote, unauthenticated attackers to execute arbitrary code and trigger a denial-of-service (DoS) condition.
– The vulnerabilities are identified as CVE-2023-2071 and CVE-2023-29464, with respective CVSS scores of 9.8 and 8.2.
– Successful exploitation of the vulnerabilities could result in remote code execution, information disclosure, or a DoS condition.
– The impact of CVE-2023-2071 is on FactoryTalk View Machine Edition, while CVE-2023-29464 affects FactoryTalk Linx.
– Advisories for the vulnerabilities were released by Rockwell Automation, and the U.S. Cybersecurity and Infrastructure Security Agency (CISA) also issued alerts.
– In addition, there is mention of a critical security flaw in HTTP File Server (CVE-2024-23692, CVSS score: 9.8) being exploited by unknown threat actors to deliver cryptocurrency miners and trojans.
Let me know if you need further information or assistance.