Skip to main content

Factorytalk Services Platform

10 CVEs product

Monthly

CVE-2026-10714 HIGH This Week

Authentication bypass in Rockwell Automation FactoryTalk Services Platform (FTSP) lets an authenticated low-privilege user forge JWT tokens during Okta Web Authentication because the application fails to enforce the RSA signing algorithm, permitting the classic 'alg:none' attack. A successful attacker can impersonate any authorized user, reaching system configuration and granting permissions to other systems that FTSP protects. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, but the alg:none technique is well documented and trivially reproducible once access is obtained.

Authentication Bypass Factorytalk Services Platform
NVD
CVSS 4.0
8.8
EPSS
0.1%
CVE-2024-21915 HIGH This Week

A privilege escalation vulnerability exists in Rockwell Automation FactoryTalk® Service Platform (FTSP). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Information Disclosure Rockwell Factorytalk Services Platform
NVD
CVSS 3.1
8.8
EPSS
1.0%
CVE-2024-21917 CRITICAL Act Now

A vulnerability exists in Rockwell Automation FactoryTalk® Service Platform that allows a malicious user to obtain the service token and use it for authentication on another FTSP directory. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Jwt Attack Information Disclosure Rockwell Factorytalk Services Platform
NVD
CVSS 3.1
9.1
EPSS
0.9%
CVE-2023-46290 HIGH This Week

Due to inadequate code logic, a previously unauthenticated threat actor could potentially obtain a local Windows OS user token through the FactoryTalk® Services Platform web service and then use the. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Microsoft Authentication Bypass Factorytalk Services Platform
NVD
CVSS 3.1
8.1
EPSS
2.7%
CVE-2021-22681 CRITICAL KEV THREAT Act Now

Rockwell Automation Studio 5000 Logix Designer Versions 21 and later, and RSLogix 5000 Versions 16 through 20 use a key to verify Logix controllers are communicating with Rockwell Automation. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Rockwell Authentication Bypass Factorytalk Services Platform Rslogix 5000 Studio 5000 Logix Designer
NVD
CVSS 3.1
9.8
EPSS
25.5%
CVE-2020-12033 HIGH This Week

In Rockwell Automation FactoryTalk Services Platform, all versions, the redundancy host service (RdcyHost.exe) does not validate supplied identifiers, which could allow an unauthenticated, adjacent. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Rockwell Information Disclosure Factorytalk Services Platform
NVD
CVSS 3.1
8.8
EPSS
1.1%
CVE-2020-6967 CRITICAL Act Now

In Rockwell Automation all versions of FactoryTalk Diagnostics software, a subsystem of the FactoryTalk Services Platform, FactoryTalk Diagnostics exposes a .NET Remoting endpoint via. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Rockwell Deserialization Factorytalk Services Platform
NVD
CVSS 3.1
9.8
EPSS
5.4%
CVE-2014-9209 MEDIUM This Month

Untrusted search path vulnerability in the Clean Utility application in Rockwell Automation FactoryTalk Services Platform before 2.71.00 and FactoryTalk View Studio 8.00.00 and earlier allows local. Rated medium severity (CVSS 6.9). No vendor patch available.

Rockwell Information Disclosure Factorytalk Services Platform Factorytalk View Studio
NVD
CVSS 2.0
6.9
EPSS
0.0%
CVE-2012-4714 HIGH This Week

Integer overflow in RNADiagnostics.dll in Rockwell Automation FactoryTalk Services Platform (FTSP) CPR9, CPR9-SR1, CPR9-SR2, CPR9-SR3, CPR9-SR4, CPR9-SR5, CPR9-SR5.1, and CPR9-SR6 allows remote. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Rockwell Factorytalk Services Platform
NVD
CVSS 2.0
7.8
EPSS
0.0%
CVE-2012-4713 HIGH This Week

Integer signedness error in RNADiagnostics.dll in Rockwell Automation FactoryTalk Services Platform (FTSP) CPR9, CPR9-SR1, CPR9-SR2, CPR9-SR3, CPR9-SR4, CPR9-SR5, CPR9-SR5.1, and CPR9-SR6 allows. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Rockwell Factorytalk Services Platform
NVD
CVSS 2.0
7.8
EPSS
0.0%
EPSS 0% CVSS 8.8
HIGH This Week

Authentication bypass in Rockwell Automation FactoryTalk Services Platform (FTSP) lets an authenticated low-privilege user forge JWT tokens during Okta Web Authentication because the application fails to enforce the RSA signing algorithm, permitting the classic 'alg:none' attack. A successful attacker can impersonate any authorized user, reaching system configuration and granting permissions to other systems that FTSP protects. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, but the alg:none technique is well documented and trivially reproducible once access is obtained.

Authentication Bypass Factorytalk Services Platform
NVD
EPSS 1% CVSS 8.8
HIGH This Week

A privilege escalation vulnerability exists in Rockwell Automation FactoryTalk® Service Platform (FTSP). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Information Disclosure Rockwell +1
NVD
EPSS 1% CVSS 9.1
CRITICAL Act Now

A vulnerability exists in Rockwell Automation FactoryTalk® Service Platform that allows a malicious user to obtain the service token and use it for authentication on another FTSP directory. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Jwt Attack Information Disclosure Rockwell +1
NVD
EPSS 3% CVSS 8.1
HIGH This Week

Due to inadequate code logic, a previously unauthenticated threat actor could potentially obtain a local Windows OS user token through the FactoryTalk® Services Platform web service and then use the. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Microsoft Authentication Bypass Factorytalk Services Platform
NVD
EPSS 25% CVSS 9.8
CRITICAL KEV THREAT Act Now

Rockwell Automation Studio 5000 Logix Designer Versions 21 and later, and RSLogix 5000 Versions 16 through 20 use a key to verify Logix controllers are communicating with Rockwell Automation. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Rockwell Authentication Bypass Factorytalk Services Platform +2
NVD
EPSS 1% CVSS 8.8
HIGH This Week

In Rockwell Automation FactoryTalk Services Platform, all versions, the redundancy host service (RdcyHost.exe) does not validate supplied identifiers, which could allow an unauthenticated, adjacent. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Rockwell Information Disclosure Factorytalk Services Platform
NVD
EPSS 5% CVSS 9.8
CRITICAL Act Now

In Rockwell Automation all versions of FactoryTalk Diagnostics software, a subsystem of the FactoryTalk Services Platform, FactoryTalk Diagnostics exposes a .NET Remoting endpoint via. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Rockwell Deserialization Factorytalk Services Platform
NVD
EPSS 0% CVSS 6.9
MEDIUM This Month

Untrusted search path vulnerability in the Clean Utility application in Rockwell Automation FactoryTalk Services Platform before 2.71.00 and FactoryTalk View Studio 8.00.00 and earlier allows local. Rated medium severity (CVSS 6.9). No vendor patch available.

Rockwell Information Disclosure Factorytalk Services Platform +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Integer overflow in RNADiagnostics.dll in Rockwell Automation FactoryTalk Services Platform (FTSP) CPR9, CPR9-SR1, CPR9-SR2, CPR9-SR3, CPR9-SR4, CPR9-SR5, CPR9-SR5.1, and CPR9-SR6 allows remote. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Rockwell Factorytalk Services Platform
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Integer signedness error in RNADiagnostics.dll in Rockwell Automation FactoryTalk Services Platform (FTSP) CPR9, CPR9-SR1, CPR9-SR2, CPR9-SR3, CPR9-SR4, CPR9-SR5, CPR9-SR5.1, and CPR9-SR6 allows. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Rockwell Factorytalk Services Platform
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy