A remote, unauthenticated attacker could use an XML External Entity (XXE) attack to exploit weakly configured XML files to access local or remote content. A successful exploit could potentially cause a denial-of-service condition and allow the attacker to arbitrarily read any local file via system-level services.
Denial of service
FactoryTalk Services Platform Versions 6.11.00 and earlier
Affected users are encouraged to use Rockwell Automation Knowledgebase article 25612.