Rockwell Automation FactoryTalk Action Manager

Source: All CISA Advisories | Added:

The article discusses a vulnerability in Rockwell Automation's FactoryTalk Action Manager that allows local unauthenticated attackers to intercept sensitive information, specifically a reusable API token, via an unsecured WebSocket connection. This vulnerability has a CVSS v4 score of 8.5 and affects versions 1.0.0 to 1.01 of the software.

---

Impact: Rockwell Automation FactoryTalk Action Manager (Version 1.0.0 to 1.01)

In the Wild: No

Age: Newly disclosed

Remediation: Update to version 1.01 or later; apply security best practices.

Read Full Original Article →