Rockwell Automation FactoryTalk Activation Manager Cryptographic Vulnerability Allowing Traffic Decryption

Vulnerability

A vulnerability exists in Rockwell Automation's FactoryTalk Activation Manager, specifically in version 5.00. The issue arises from an error in the implementation of cryptography, which could enable attackers to decrypt traffic. This vulnerability could lead to data exposure, session hijacking, or a complete compromise of communication.

Impact

Exploitation of this vulnerability could result in decrypted traffic, allowing for potential data exposure, session hijacking, or full communication compromise.

Remediation

Users of FactoryTalk Activation Manager version 5.00 should upgrade to version 5.02. For those unable to upgrade, Rockwell Automation recommends following their security best practices.

Added: Sep 9, 2025, 1:21 PM
Updated: Sep 9, 2025, 4:53 PM

Vulnerability Rating

Custom Algorithm
spread: 0.3
impact: 2.5
exploitability: 5.6
remediation: 7.9
relevance: 0.5
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.