SD1669 | Security Advisory | Rockwell Automation

Severity:

High

Advisory ID:

SD1669

Published Date:

May 06, 2024

Last Updated:

November 19, 2024

Revision Number:

1.0

Known Exploited Vulnerability (KEV):

Corrected:

Yes

Workaround:

CVE IDs

CVE-2023-31274,

CVE-2023-34348

Downloads

The following link(s) provide the security advisory in Vulnerability Exploitability Exchange format:

JSON

Summary

FactoryTalk® Historian SE Vulnerable to AVEVA-2024-001 and AVEVA-2024-002

Published Date: May 9, 2024

Last updated: August 5, 2025

Revision Number: 1.0

CVSS Score: v3.1: 7.5/10, v4.0: 7.7/10

AFFECTED PRODUCTS AND SOLUTION

Affected Product

Affected Versions

Corrected in software version

FactoryTalk® Historian SE

< v9.0

v9.01 and later

SECURITY ISSUE DETAILS

Rockwell Automation used version 3.1 and 4.0 of the CVSS scoring system to assess the following security issues.

CVE-2023-31274 IMPACT

FactoryTalk® Historian SE utilizes the AVEVA PI Server, which contains a security issue. This could allow an unauthenticated user to cause a partial denial-of-service condition. This happens in the PI Message Subsystem of a PI Server by consuming available memory. This exists in FactoryTalk® Historian SE versions 9.0 and earlier. Use of this issue could cause FactoryTalk® Historian SE to become unavailable. This would requiring a power cycle to recover it.

CVSS Base Score v3.1: 7.5/10

CVSS Vector String: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVSS Base Score v4.0: 7.7/10

CVSS Vector String: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:H

CWE: Dependency on Vulnerable third-party Component

CVE-2023-34348 IMPACT

FactoryTalk® Historian SE use the AVEVA PI Server. This contains a security issue that could allow an unauthenticated user to remotely crash the PI Message Subsystem of a PI Server. This would result in a denial-of-service condition. This issue exists in FactoryTalk® Historian SE versions 9.0 and earlier. Use of this could cause FactoryTalk® Historian SE to become unavailable. This requires a power cycle to recover it.

CVSS Base Score v3.1: 7.5/10

CVSS Vector String: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVSS Base Score v4.0: 7.7/10

CVSS Vector String: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:H

CWE: Dependency on Vulnerable third-party Component

Known Exploited Vulnerability (KEV) database: No

Users can use Stakeholder-Specific Vulnerability Categorization to create more environment-specific categories.

Mitigations and Workarounds

Customers using the affected software should install FactoryTalk® Historian SE version 9.01 or higher as soon as feasible. For customers unable to upgrade to v9.0, defensive measures are available in the Rockwell article.

https://idp.rockwellautomation.com/adfs/ls/idpinitiatedsignon.aspx?RelayState=RPID%3Drockwellautomation.custhelp.com%26RelayState%3Danswers%2Fanswer_view%2Fa_id%2F1150873

Customers should use our suggested security best practices to minimize the risks.

Security Best Practices

ADDITIONAL RESOURCES

Glossary

Denial-of-Service: malicious attempt to overwhelm a web property with traffic in order to disrupt its normal operations

Known Exploited Vulnerability (KEV) database: an official list of security flaws that attackers have actively exploited

PI Message Subsystem: A part of the PI System that handles logging and messaging. IT is responsible for managing PI Logs, which are binary files located in the PI/Log folder on a PI Server or PIPC/Log on clients and interfaced nodes