CVE-2023-2778

Rockwell Automation FactoryTalk Transaction Manager Vulnerable to Denial-Of-Service

Description

A denial-of-service vulnerability exists in Rockwell Automation FactoryTalk Transaction Manager. This vulnerability can be exploited by sending a modified packet to port 400. If exploited, the application could potentially crash or experience a high CPU or memory usage condition, causing intermittent application functionality issues. The application would need to be restarted to recover from the DoS.

Remediation

Solution:

  • Customers using the affected software are encouraged to apply the risk mitigations below, if possible. Additionally, we encourage our customers to implement our suggested security best practices to minimize the risk of the vulnerability. * Customers should follow the instructions in BF29042 - Patch: Multiple issues, FactoryTalk Transaction Manager 13.00/13.10 https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1138425  to install the patch to mitigate the issue.

Category

7.5
CVSS
Severity: High
CVSS 3.1 •
EPSS 0.14%
Vendor Advisory custhelp.com
Affected: Rockwell Automation FactoryTalk Transaction Manager
Published at:
Updated at:

References

Link Tags
https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1139744 vendor advisory permissions required

Frequently Asked Questions

What is the severity of CVE-2023-2778?
CVE-2023-2778 has been scored as a high severity vulnerability.
How to fix CVE-2023-2778?
To fix CVE-2023-2778: Customers using the affected software are encouraged to apply the risk mitigations below, if possible. Additionally, we encourage our customers to implement our suggested security best practices to minimize the risk of the vulnerability. * Customers should follow the instructions in BF29042 - Patch: Multiple issues, FactoryTalk Transaction Manager 13.00/13.10 https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1138425  to install the patch to mitigate the issue.
Is CVE-2023-2778 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2023-2778 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2023-2778?
CVE-2023-2778 affects Rockwell Automation FactoryTalk Transaction Manager.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.