Rockwell Automation FactoryTalk Services Platform CVE-2018-18981 Denial of Service Vulnerability

Bugtraq ID:	106279
Class:	Boundary Condition Error
CVE:	CVE-2018-18981
Remote:	Yes
Local:	No
Published:	Dec 20 2018 12:00AM
Updated:	Dec 20 2018 12:00AM
Credit:	Andrey Zhukov
Vulnerable:	Rockwell Automation FactoryTalk Services Platform 2.90 Rockwell Automation FactoryTalk Services Platform 2.71.00
Not Vulnerable:	Rockwell Automation FactoryTalk Services Platform 3.00

Rockwell Automation FactoryTalk Services Platform CVE-2018-18981 Denial of Service Vulnerability

Rockwell Automation FactoryTalk Services Platform is prone to a denial-of-service vulnerability.

Successful exploits will allow attackers to cause a denial of service condition.

Rockwell Automation FactoryTalk Services Platform 2.90 and prior versions are vulnerable.

Rockwell Automation FactoryTalk Services Platform CVE-2018-18981 Denial of Service Vulnerability

Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

Rockwell Automation FactoryTalk Services Platform CVE-2018-18981 Denial of Service Vulnerability

Solution:
Updates are available. Please see the references or vendor advisory for more information.

Rockwell Automation FactoryTalk Services Platform CVE-2018-18981 Denial of Service Vulnerability

References:

• Rockwell Automation Homepage (Rockwell Automation)
  
• Rockwell Automation Product Page (Rockwell Automation)
  
• Advisory (ICSA-18-331-02) (ICS-CERT)