Severity
High
Analysis Summary
CVE-2020-6967
FactoryTalk Diagnostics exposes a .NET Remoting endpoint via RNADiagnosticsSrv.exe on TCP/8082, which can insecurely deserialize untrusted data.
Impact
Deserialization of Untrusted Data
Affected Vendors
Rockwell Automation
Affected Products
All versions of FactoryTalk Diagnostics software
Remediation
Rockwell Automation recommends affected users implement the following compensating controls, based on their needs:
- Disable the Remote Diagnostics Service if not in use.
- If the service is in use, use Windows Firewall Configuration to disable the affected port.
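
The two compensating controls above, as an added PowerShell example (not Rockwell Automation's own tooling). It assumes an elevated session on the FactoryTalk host; the advisory does not name the Windows service, so the script locates it by the executable name, and the firewall rule name is a constructed label.

```powershell
# Added example: audits the host and applies the compensating controls listed above.
# Assumption: run elevated on the FactoryTalk host. The service is located by the
# executable name from the advisory, since the Windows service name is not given.
param(
    [switch]$DisableService,   # control 1: Remote Diagnostics Service not in use
    [switch]$BlockPort         # control 2: service in use, block the affected port
)

$exeName  = 'RNADiagnosticsSrv.exe'   # from the advisory
$port     = 8082                      # from the advisory
$ruleName = 'Block FactoryTalk Diagnostics TCP 8082 (CVE-2020-6967)'  # constructed label

# Find the service whose binary path references the affected executable.
$svc = Get-CimInstance -ClassName Win32_Service |
    Where-Object { $_.PathName -like "*$exeName*" }

if (-not $svc) {
    Write-Output "No service backed by $exeName found on this host."
} else {
    $svc | Select-Object Name, State, StartMode, PathName | Format-List
}

# Report what is listening on the affected port and which process owns the socket.
$listeners = Get-NetTCPConnection -State Listen -LocalPort $port -ErrorAction SilentlyContinue
foreach ($l in $listeners) {
    $proc = Get-Process -Id $l.OwningProcess -ErrorAction SilentlyContinue
    Write-Output ("Listening: {0}:{1} pid={2} process={3}" -f `
        $l.LocalAddress, $l.LocalPort, $l.OwningProcess, $proc.ProcessName)
}
if (-not $listeners) { Write-Output "Nothing is listening on TCP/$port." }

if ($DisableService -and $svc) {
    foreach ($s in $svc) {
        Stop-Service -Name $s.Name -Force
        Set-Service -Name $s.Name -StartupType Disabled   # stays off after reboot
        Write-Output "Stopped and disabled service $($s.Name)."
    }
}

if ($BlockPort) {
    # Create the inbound block rule only once so reruns are idempotent.
    if (-not (Get-NetFirewallRule -DisplayName $ruleName -ErrorAction SilentlyContinue)) {
        New-NetFirewallRule -DisplayName $ruleName -Direction Inbound `
            -Protocol TCP -LocalPort $port -Action Block | Out-Null
    }
    Write-Output "Inbound TCP/$port is blocked by rule '$ruleName'."
}
```

Run without switches to audit only; rerun after applying a control to confirm the service state or that the block rule exists.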

