CVSS Score of 10 (low)


Published Jun 13, 2023
Updated: Jun 26, 2023
CWE ID 346


CVE-2023-2639 is a vulnerability in Rockwell Automation's FactoryTalk System Services that allows a threat actor to craft a malicious website and send a malicious script to connect to the local WebSocket endpoint. The vulnerability affects the FactoryTalk Policy Manager, potentially exposing information such as the installation status and security policy. Remediation for this vulnerability has not been specified. This vulnerability poses a medium level of risk, with a base severity score of 4.7 out of 10 according to NVD and 4.1 out of 10 according to Rockwell Automation's PSIRT.

Leverage our Vulnerability Intelligence module to secure your systems now - get detailed insights on CVE-2024-37364. Book your demo today.


Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-2639 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options