"Vulnerabilities in ICS-Specific Backup Solution Open Industrial Facilities to Attack"

Claroty researchers discovered vulnerabilities in Rockwell Automation's FactoryTalk AssetCentre software, a backup solution built specifically for Industrial Control Systems (ICS). All of the vulnerabilities have been given the maximum CVSS v3 base score of 10. According to the researchers, by chaining some of the vulnerabilities together, an attacker can take over a facility's entire Operational Technology (OT) network and execute commands on server agents and automation devices such as Programmable Logic Controllers (PLCs). Three of the discovered flaws are described as deserialization vulnerabilities that can allow unauthenticated attackers to remotely execute arbitrary code in FactoryTalk AssetCentre. One flaw could enable an unauthenticated local attacker to gain complete access to the software's main server and agent machines, as well as remotely execute code. Another three flaws are SQL injection vulnerabilities. All of the discovered flaws impact FactoryTalk AssetCentre v10 and earlier versions. This article continues to discuss the vulnerabilities found in Rockwell Automation's FactoryTalk AssetCentre that leave industrial facilities open to attacks and the importance of ICS-specific backup solutions.

Help Net Security reports "Vulnerabilities in ICS-Specific Backup Solution Open Industrial Facilities to Attack"
