All the vulnerabilites related to Rockwell Automation - FactoryTalk® View SE
cve-2024-4609
Vulnerability from cvelistv5
Published
2024-05-16 15:13
Modified
2024-08-01 20:47
Severity ?
EPSS score ?
Summary
Rockwell Automation Datalog Function within in FactoryTalk® View SE contains SQL Injection Vulnerability
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Rockwell Automation | FactoryTalk® View SE |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:rockwellautomation:factorytalk_view:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "factorytalk_view",
"vendor": "rockwellautomation",
"versions": [
{
"lessThan": "14",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-4609",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-24T18:10:40.296727Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:53:40.228Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T20:47:41.128Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.rockwellautomation.com/en-us/support/advisory.SD1670.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "FactoryTalk\u00ae View SE",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "\u003c14"
}
]
}
],
"datePublic": "2024-05-16T14:58:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cp\u003eA vulnerability exists in the Rockwell Automation FactoryTalk\u00ae View SE Datalog function that could allow a threat actor to inject a malicious SQL statement if the SQL database has no authentication in place or if legitimate credentials were stolen. If exploited, the attack could result in information exposure, revealing sensitive information. Additionally, a threat actor could potentially modify and delete the data in a remote database. An attack would only affect the HMI design time, not runtime. \u0026nbsp; \u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\n\n"
}
],
"value": "A vulnerability exists in the Rockwell Automation FactoryTalk\u00ae View SE Datalog function that could allow a threat actor to inject a malicious SQL statement if the SQL database has no authentication in place or if legitimate credentials were stolen. If exploited, the attack could result in information exposure, revealing sensitive information. Additionally, a threat actor could potentially modify and delete the data in a remote database. An attack would only affect the HMI design time, not runtime."
}
],
"impacts": [
{
"capecId": "CAPEC-153",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-153 Input Data Manipulation"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-16T15:13:45.048Z",
"orgId": "b73dd486-f505-4403-b634-40b078b177f0",
"shortName": "Rockwell"
},
"references": [
{
"url": "https://www.rockwellautomation.com/en-us/support/advisory.SD1670.html"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cul\u003e\u003cli\u003eCorrected in v11,12, 13 and later.\u003c/li\u003e\u003cli\u003e\n\n\u003cp\u003eUsers using the affected software and who are not able to upgrade to one of the corrected versions are encouraged to apply security best practices, where possible.\u202f\u202f\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003cp\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight\"\u003eSecurity Best Practices\u003c/a\u003e\u202f\u202f\u003c/p\u003e\u003c/li\u003e\u003c/ul\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\n\n\u003cbr\u003e\u003c/li\u003e\u003c/ul\u003e"
}
],
"value": "* Corrected in v11,12, 13 and later.\n * \n\nUsers using the affected software and who are not able to upgrade to one of the corrected versions are encouraged to apply security best practices, where possible.\u202f\u202f\n\n\u00a0\n\n * Security Best Practices https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "Rockwell Automation Datalog Function within in FactoryTalk\u00ae View SE contains SQL Injection Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "b73dd486-f505-4403-b634-40b078b177f0",
"assignerShortName": "Rockwell",
"cveId": "CVE-2024-4609",
"datePublished": "2024-05-16T15:13:45.048Z",
"dateReserved": "2024-05-07T14:56:25.894Z",
"dateUpdated": "2024-08-01T20:47:41.128Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-37367
Vulnerability from cvelistv5
Published
2024-06-14 14:17
Modified
2024-08-02 03:50
Severity ?
EPSS score ?
Summary
Rockwell Automation FactoryTalk® View SE v12 Information Leakage Vulnerability via Authentication Restriction
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Rockwell Automation | FactoryTalk® View SE |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-37367",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-17T15:37:14.017276Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-17T15:37:26.533Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T03:50:56.151Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1675.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "FactoryTalk\u00ae View SE",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "v12"
}
]
}
],
"datePublic": "2024-06-13T13:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA user authentication vulnerability exists in the Rockwell Automation FactoryTalk\u00ae View SE v12. The vulnerability allows a user from a remote system with FTView to send a packet to the customer\u2019s server to view an HMI project. This action is allowed without proper authentication verification.\u003c/span\u003e\n\n"
}
],
"value": "A user authentication vulnerability exists in the Rockwell Automation FactoryTalk\u00ae View SE v12. The vulnerability allows a user from a remote system with FTView to send a packet to the customer\u2019s server to view an HMI project. This action is allowed without proper authentication verification."
}
],
"impacts": [
{
"capecId": "CAPEC-114",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-114 Authentication Abuse"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287 Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-14T14:17:54.951Z",
"orgId": "b73dd486-f505-4403-b634-40b078b177f0",
"shortName": "Rockwell"
},
"references": [
{
"url": "https://https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1675.html"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cul\u003e\u003cli\u003eCorrected in software version v14.0. \u003c/li\u003e\u003cli\u003e\u003cp\u003eUsers using the affected software, who are not able to upgrade to one of the corrected versions, are encouraged to apply security best practices, where possible.\u202f\u202f\u202f\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003cp\u003eIt is recommended that users enforce proper access controls within the network and segment networks containing sensitive information using IPSec: \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1090456\"\u003ehttps://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1090456\u003c/a\u003e\u003c/p\u003e\u003c/li\u003e\u003c/ul\u003e\u003cul\u003e\u003cli\u003e\u003cp\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight\"\u003eSecurity Best Practices\u003c/a\u003e\u003c/p\u003e\u003c/li\u003e\u003c/ul\u003e\u003c/li\u003e\u003c/ul\u003e\n\n\u003cbr\u003e"
}
],
"value": "* Corrected in software version v14.0. \n * Users using the affected software, who are not able to upgrade to one of the corrected versions, are encouraged to apply security best practices, where possible.\u202f\u202f\u202f\n\n * It is recommended that users enforce proper access controls within the network and segment networks containing sensitive information using IPSec: https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1090456 \n\n\n\n\n * Security Best Practices https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "Rockwell Automation FactoryTalk\u00ae View SE v12 Information Leakage Vulnerability via Authentication Restriction",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "b73dd486-f505-4403-b634-40b078b177f0",
"assignerShortName": "Rockwell",
"cveId": "CVE-2024-37367",
"datePublished": "2024-06-14T14:17:54.951Z",
"dateReserved": "2024-06-06T20:18:27.551Z",
"dateUpdated": "2024-08-02T03:50:56.151Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-37368
Vulnerability from cvelistv5
Published
2024-06-14 14:30
Modified
2024-08-02 03:50
Severity ?
EPSS score ?
Summary
Rockwell Automation FactoryTalk® View SE v11 Information Leakage Vulnerability via Authentication Restriction
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Rockwell Automation | FactoryTalk® View SE |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:rockwellautomation:factorytalk_view:-:*:*:*:se:*:*:*"
],
"defaultStatus": "unaffected",
"product": "factorytalk_view",
"vendor": "rockwellautomation",
"versions": [
{
"lessThan": "v14.0",
"status": "affected",
"version": "v11.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-37368",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-18T16:26:32.782829Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-18T16:33:16.826Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T03:50:56.219Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1676.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "FactoryTalk\u00ae View SE",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "v11.0"
}
]
}
],
"datePublic": "2024-06-13T13:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA user authentication vulnerability exists in the Rockwell Automation\u0026nbsp;FactoryTalk\u00ae View SE. The vulnerability allows a user from a remote system with FTView to send a packet to the customer\u2019s server to view an HMI project. Due to the lack of proper authentication, this action is allowed without proper authentication verification.\u003c/span\u003e\n\n"
}
],
"value": "A user authentication vulnerability exists in the Rockwell Automation\u00a0FactoryTalk\u00ae View SE. The vulnerability allows a user from a remote system with FTView to send a packet to the customer\u2019s server to view an HMI project. Due to the lack of proper authentication, this action is allowed without proper authentication verification."
}
],
"impacts": [
{
"capecId": "CAPEC-114",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-114 Authentication Abuse"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287 Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-14T14:30:53.422Z",
"orgId": "b73dd486-f505-4403-b634-40b078b177f0",
"shortName": "Rockwell"
},
"references": [
{
"url": "https://https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1676.html"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cul\u003e\u003cli\u003eCorrected in software version v14.0.\u003c/li\u003e\u003cli\u003e\n\n\u003cp\u003eUsers using the affected software, who are not able to upgrade to one of the corrected versions, are encouraged to apply security best practices, where possible.\u202f\u202f\u202f\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003cp\u003eIt is recommended that users enforce proper access controls within the network and segment networks containing sensitive information using IPSec: \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1090456\"\u003ehttps://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1090456\u003c/a\u003e\u003c/p\u003e\u003c/li\u003e\u003c/ul\u003e\u003cul\u003e\u003cli\u003e\u003cp\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight\"\u003eSecurity Best Practice\u003c/a\u003es\u003c/p\u003e\u003c/li\u003e\u003c/ul\u003e\u003c/li\u003e\u003c/ul\u003e"
}
],
"value": "* Corrected in software version v14.0.\n * \n\nUsers using the affected software, who are not able to upgrade to one of the corrected versions, are encouraged to apply security best practices, where possible.\u202f\u202f\u202f\n\n * It is recommended that users enforce proper access controls within the network and segment networks containing sensitive information using IPSec: https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1090456 \n\n\n\n\n * Security Best Practice https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight s"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "Rockwell Automation FactoryTalk\u00ae View SE v11 Information Leakage Vulnerability via Authentication Restriction",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "b73dd486-f505-4403-b634-40b078b177f0",
"assignerShortName": "Rockwell",
"cveId": "CVE-2024-37368",
"datePublished": "2024-06-14T14:30:53.422Z",
"dateReserved": "2024-06-06T20:18:27.551Z",
"dateUpdated": "2024-08-02T03:50:56.219Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-37369
Vulnerability from cvelistv5
Published
2024-06-14 16:50
Modified
2024-08-02 03:50
Severity ?
EPSS score ?
Summary
Rockwell Automation FactoryTalk® View SE Local Privilege Escalation Vulnerability via Local File Permissions
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Rockwell Automation | FactoryTalk® View SE |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:rockwellautomation:factorytalk_view:-:*:*:*:se:*:*:*"
],
"defaultStatus": "unknown",
"product": "factorytalk_view",
"vendor": "rockwellautomation",
"versions": [
{
"lessThan": "14.0",
"status": "affected",
"version": "12.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-37369",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-14T18:11:26.338616Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-14T18:13:03.399Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T03:50:56.129Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1674.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "FactoryTalk\u00ae View SE",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "12.0"
}
]
}
],
"datePublic": "2024-06-13T13:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA privilege escalation vulnerability exists in the affected product. The vulnerability allows low-privilege users to edit scripts, bypassing Access Control Lists, and potentially gaining further access within the system.\u003c/span\u003e\n\n"
}
],
"value": "A privilege escalation vulnerability exists in the affected product. The vulnerability allows low-privilege users to edit scripts, bypassing Access Control Lists, and potentially gaining further access within the system."
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 8.5,
"baseSeverity": "HIGH",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-732",
"description": "CWE-732 Incorrect Permission Assignment for Critical Resource",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-14T16:50:20.187Z",
"orgId": "b73dd486-f505-4403-b634-40b078b177f0",
"shortName": "Rockwell"
},
"references": [
{
"url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1674.html"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cp\u003e\u003cb\u003eAFFECTED PRODUCTS AND SOLUTION\u003c/b\u003e\u003c/p\u003e\u003ctable\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003eAffected Product\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003eFirst Known in software version\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003eCorrected in software version \u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003eFactoryTalk\u00ae View SE\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003eV12.0\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003ev14\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\u003cbr\u003e\n\n\u003cp\u003e\u003cb\u003eMitigations and Workarounds \u003c/b\u003e\u003c/p\u003e\u003cp\u003eUsers using the affected software, who are not able to upgrade to one of the corrected versions, are encouraged to apply security best practices, where possible.\u202f\u202f\u202f\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003cp\u003eUse the Secure Install option when installing FactoryTalk\u00ae Services Platform.\u003c/p\u003e\u003c/li\u003e\u003c/ul\u003e\u003cul\u003e\u003cli\u003e\u003cp\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight\"\u003eSecurity Best Practices\u003c/a\u003e\u003c/p\u003e\u003c/li\u003e\u003c/ul\u003e\n\n\u003cbr\u003e"
}
],
"value": "AFFECTED PRODUCTS AND SOLUTION\n\n\u00a0\n\n\u00a0\n\nAffected Product\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nFirst Known in software version\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nCorrected in software version \n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nFactoryTalk\u00ae View SE\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nV12.0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nv14\n\n\u00a0\n\n\n\n\nMitigations and Workarounds \n\nUsers using the affected software, who are not able to upgrade to one of the corrected versions, are encouraged to apply security best practices, where possible.\u202f\u202f\u202f\n\n * Use the Secure Install option when installing FactoryTalk\u00ae Services Platform.\n\n\n\n\n * Security Best Practices https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "Rockwell Automation FactoryTalk\u00ae View SE Local Privilege Escalation Vulnerability via Local File Permissions",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "b73dd486-f505-4403-b634-40b078b177f0",
"assignerShortName": "Rockwell",
"cveId": "CVE-2024-37369",
"datePublished": "2024-06-14T16:50:20.187Z",
"dateReserved": "2024-06-06T20:18:27.551Z",
"dateUpdated": "2024-08-02T03:50:56.129Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}