Rewterz Threat Advisory – CVE-2021-23392 – Node.js locutus module vulnerabilities
June 11, 2021Rewterz Threat Advisory – Multiple Vulnerabilities of Citrix ADC and Gateway
June 11, 2021Rewterz Threat Advisory – CVE-2021-23392 – Node.js locutus module vulnerabilities
June 11, 2021Rewterz Threat Advisory – Multiple Vulnerabilities of Citrix ADC and Gateway
June 11, 2021Severity
High
Analysis Summary
CVE-2021-32960
FactoryTalk Services Platform contains a vulnerability that may allow a remote, authenticated attacker to bypass FactoryTalk Security policies based on the computer name. If successfully exploited, this may allow an attacker to have the same privileges as if they were logged on to the client machine.
Impact
- Privilege Escalation
Affected Vendors
Rockwell Automation
Affected Products
- FactoryTalk Services Platform v6.11 and earlier
Remediation
Refer to vendor advisory for the complete list of affected products and their respective patches at https://us-cert.cisa.gov/ics/advisories/icsa-21-161-01