Rockwell Automation has issued six security advisories addressing critical and high-severity vulnerabilities in several of its products. The flaws affect FactoryTalk industrial automation software, including View Machine Edition and View Site Edition, where issues could lead to arbitrary command execution, local code execution, and unauthorized system access. Additionally, a critical vulnerability in the DataMosaix Private Cloud platform, a path traversal flaw, a DoS vulnerability in the ICE2 controller, and a credential exposure issue in PowerFlex 755 were patched. The vulnerabilities, which have not been reported as exploited, also include a KEPServer DoS flaw identified during the Pwn2Own 2023 competition. Organizations are urged to address these risks as industrial systems are often targeted by cyberattacks.

‍