CVE-2026-10714
Rockwell · FactoryTalk Services Platform
Rockwell Automation FactoryTalk Services Platform version 6.60 contains a flaw that permits the bypass of JSON Web Token signature validation during Okta Web Authentication.
Executive summary
A high severity authentication bypass vulnerability in Rockwell FactoryTalk Services Platform version 6.60 could allow an attacker to circumvent critical security validation processes.
Vulnerability
The platform suffers from a weak authentication mechanism (CWE-1390) where JWT signature validation can be bypassed during Okta Web Authentication. This requires a low-privileged authenticated user to initiate the exploit.
Business impact
Successful exploitation allows an attacker to bypass authentication checks, potentially gaining unauthorized administrative access to the FactoryTalk Services Platform. This could lead to the compromise of industrial control systems or sensitive operational technology data. Given the CVSS score of 8.8, this vulnerability represents a substantial risk to operational continuity and system security.
Remediation
Immediate Action: Apply the vendor-provided patch, RAID 1158263, to the affected FactoryTalk Services Platform version 6.60.
Proactive Monitoring: Monitor authentication logs for anomalous login activity or multiple failed attempts that might precede or follow a bypass attempt.
Compensating Controls: Restrict network access to the FactoryTalk Services Platform to known, trusted internal IP addresses to minimize the attack surface while the patch is being deployed.
Exploitation status
Public Exploit Available: No confirmed public exploit (weaponized or otherwise) is available in the provided data.
Analyst recommendation
Security teams must prioritize the application of the official Rockwell Automation patch to remediate this authentication flaw. Failure to address this vulnerability could leave critical infrastructure systems exposed to unauthorized access, making immediate patching a high-priority task.