CVE-2024-37365
Published 2024-11-12
CVE-2024-37365: A remote code execution vulnerability exists in the affected product. The vulnerability allows users to save projects within the public directory allowing…
Priority: P3 · 42 · high · CVSS 3.1: 7.8
Vector: AV:L / AC:L / PR:L / UI:N / S:U / C:H / I:H / A:H
EPSS: 0.23% (13.2 percentile)
A remote code execution vulnerability exists in the affected product. The vulnerability allows users to save projects within the public directory, allowing anyone with local access to modify and/or delete files. Additionally, a malicious user could potentially leverage this vulnerability to escalate their privileges by changing the macro to execute arbitrary code.
Affected (2 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| rockwell_automation | factorytalk_view_machine_edition | — | — |
| rockwellautomation | factorytalk_view | — | — |
CVSS provenance
| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | 3.1 | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
| nvd | 4.0 | 7.0 | HIGH | CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
CISA ICS
ICS Advisory: Rockwell Automation FactoryTalk View ME
cisa_ics · 2024-11-12 · CVSS 7.0 · [HIGH]
Release Date: November 12, 2024
Alert Code: ICSA-24-317-03
Related topics: Industrial Control System Vulnerabilities, Industrial Control Systems
## 1. EXECUTIVE SUMMARY
- CVSS v4 7.0
- ATTENTION: Low attack complexity
- Vendor: Rockwell Automation
- Equipment: FactoryTalk View ME
- Vulnerability: Improper Input Validation
## 2. RISK EVALUATION
Successful exploitation of this vulnerability could allow a local low-privileged user to escalate their privileges by changing the macro to execute arbitrary code.
## 3. TECHNICAL DETAILS
## 3.1 AFFECTED PRODUCTS
Rockwell Automation reports that the following versions of FactoryTalk Software are affected:
- FactoryTalk View ME, when using default fo
GHSA
GHSA-rqpf-4v4j-r7wp: A remote code execution vulnerability exists in the affected product
ghsa_unreviewed · 2024-11-12 · CVE-2024-37365 · [HIGH] · CWE-20
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
Published: 2024-11-12