Rockwell.FactoryTalk.RNADiagnosticsSrv.Insecure.Deserialization

description-logoDescription

This indicates an attack attempt to exploit an Insecure Deserialization Vulnerability in Rockwell Automation FactoryTalk Diagnostics.
This vulnerability is due to insufficient validation of serialized data sent to RNADiagnosticsSrv endpoint. A remote unauthenticated attacker could exploit this vulnerability by sending a crafted serialized object to the target server. Successful exploitation can result in result in arbitrary code execution under the security context of the SYSTEM.

affected-products-logoAffected Products

Rockwell Automation FactoryTalk Diagnostics .

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Apply the most recent upgrade or patch from the vendor.
https://www.us-cert.gov/ics/advisories/icsa-20-051-02

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2020-06-01 15.854 Default_action:pass:drop
2020-05-20 15.847

References

ICSA-20-051-02