CVE-2017-14022
CVE-2017-14022
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS —EPSS 4.2%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
23 Dec 2017Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
An Improper Input Validation issue was discovered in Rockwell Automation FactoryTalk Alarms and Events, Version 2.90 and earlier. An unauthenticated attacker with remote access to a network with FactoryTalk Alarms and Events can send a specially crafted set of packets packet to Port 403/TCP (the history archiver service), causing the service to either stall or terminate.
Affected products
n/a · Rockwell Automation FactoryTalk Alarms and EventsWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →