CVE-2023-2778— Rockwell Automation FactoryTalk Transaction Manager Vulnerable to Denial-Of-Service
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2023-2778
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Rockwell Automation FactoryTalk Transaction Manager Vulnerable to Denial-Of-Service
Source: NVD (National Vulnerability Database)
Vulnerability Description
A denial-of-service vulnerability exists in Rockwell Automation FactoryTalk Transaction Manager. This vulnerability can be exploited by sending a modified packet to port 400. If exploited, the application could potentially crash or experience a high CPU or memory usage condition, causing intermittent application functionality issues. The application would need to be restarted to recover from the DoS.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
未加控制的资源消耗(资源穷尽)
Source: NVD (National Vulnerability Database)
Vulnerability Title
Rockwell Automation FactoryTalk Transaction Manager 资源管理错误漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Rockwell Automation FactoryTalk Transaction Manager是美国罗克韦尔(Rockwell Automation)公司的一个用于保存数据库数据的控制系统。 Rockwell Automation FactoryTalk Transaction Manager存在安全漏洞。攻击者利用该漏洞导致系统拒绝服务。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Rockwell Automation | FactoryTalk Transaction Manager | <=v13.10 | - |
II. Public POCs for CVE-2023-2778
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2023-2778
请登录查看更多情报信息。
Same Patch Batch · Rockwell Automation · 2023-06-13 · 4 CVEs total
| CVE-2023-2637 | 7.3 HIGH | Rockwell Automation FactoryTalk System Services Vulnerable To Use Of Hard-Coded Cryptograp |
| CVE-2023-2638 | 5.9 MEDIUM | Rockwell Automation FactoryTalk System Services Vulnerable to a Denial-of-Service Attack |
| CVE-2023-2639 | 4.1 MEDIUM | Rockwell Automation FactoryTalk System Services Vulnerable to Sensitive Information Disclo |
IV. Related Vulnerabilities
Same vendor: Rockwell Automation
- CVE-2025-9283
ArmorStart® LT - Multiple Denial-of-Service Vulnerabilities - CVE-2025-9282
ArmorStart® LT - Multiple Denial-of-Service Vulnerabilities - CVE-2025-9281
ArmorStart® LT - Multiple Denial-of-Service Vulnerabilities - CVE-2025-9280
ArmorStart® LT - Multiple Denial-of-Service Vulnerabilities - CVE-2025-14027
Rockwell Automation Recommends Upgrading From 1756-RM2 XT To
Same weakness: CWE-400
- CVE-2026-8187
Open5GS UPF gtp-path.c _gtpv1_u_recv_cb resource consumption - CVE-2026-42343
FastGPT: Uncontrolled Resource Consumption leading to Sandbo - CVE-2026-42212
SolidCAM-GPPL-IDE: XML External Entity (XXE) and billion-lau - CVE-2026-32686
Unbounded exponent in decimal enables unauthenticated DoS - CVE-2026-20188
Cisco Crosswork Network Controller and Cisco Network Service
V. Comments for CVE-2023-2778
No comments yet