Skip to main content

Factorytalk View CVE-2024-37365

HIGH
Improper Input Validation (CWE-20)
2024-11-12 PSIRT@rockwellautomation.com
7.0
CVSS 4.0 · Vendor: rockwellautomation
Share

Severity by source

Vendor (rockwellautomation) PRIMARY
7.0 HIGH
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from Vendor (rockwellautomation) · only source for this CVE.

CVSS VectorVendor: rockwellautomation

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
P
Scope
X

Lifecycle Timeline

1
CVE Published
Nov 12, 2024 - 15:15 cve.org
HIGH 7.0

DescriptionCVE.org

A remote code execution vulnerability exists in the affected product. The vulnerability allows users to save projects within the public directory allowing anyone with local access to modify and/or delete files. Additionally, a malicious user could potentially leverage this vulnerability to escalate their privileges by changing the macro to execute arbitrary code.

AnalysisAI

A remote code execution vulnerability exists in the affected product. Rated high severity (CVSS 7.0), this vulnerability is low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified under CWE-20. A remote code execution vulnerability exists in the affected product. The vulnerability allows users to save projects within the public directory allowing anyone with local access to modify and/or delete files. Additionally, a malicious user could potentially leverage this vulnerability to escalate their privileges by changing the macro to execute arbitrary code. Affected products include: Rockwellautomation Factorytalk View.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2020-12028 HIGH POC
8.1 Jul 20

In all versions of FactoryTalk View SEA remote, an authenticated attacker may be able to utilize certain handlers to int

CVE-2020-12029 HIGH POC
7.8 Jul 20

All versions of FactoryTalk View SE do not properly validate input of filenames within a project directory. Rated high s

CVE-2020-12027 MEDIUM POC
4.3 Jul 20

All versions of FactoryTalk View SE disclose the hostnames and file paths for certain files within the system. Rated med

CVE-2023-2071 CRITICAL
9.8 Sep 12

Rockwell Automation FactoryTalk View Machine Edition on the PanelView Plus, improperly verifies user’s input, which allo

CVE-2024-45824 CRITICAL
9.2 Sep 12

CVE-2024-45824 IMPACT A remote code vulnerability exists in the affected products. Rated critical severity (CVSS 9.2), t

CVE-2024-4609 HIGH
8.8 May 16

A vulnerability exists in the Rockwell Automation FactoryTalk® View SE Datalog function that could allow a threat actor

CVE-2024-7513 HIGH
8.5 Aug 14

CVE-2024-7513 IMPACT A code execution vulnerability exists in the affected product. Rated high severity (CVSS 8.5), this

CVE-2024-37369 HIGH
8.5 Jun 14

A privilege escalation vulnerability exists in the affected product. Rated high severity (CVSS 8.5), this vulnerability

CVE-2024-37368 HIGH
8.2 Jun 14

A user authentication vulnerability exists in the Rockwell Automation FactoryTalk® View SE. Rated high severity (CVSS 8.

CVE-2024-37367 HIGH
8.2 Jun 14

A user authentication vulnerability exists in the Rockwell Automation FactoryTalk® View SE v12. Rated high severity (CVS

CVE-2020-12031 HIGH
7.8 Jul 20

In all versions of FactoryTalk View SE, after bypassing memory corruption mechanisms found in the operating system, a lo

CVE-2023-46289 HIGH
7.5 Oct 27

Rockwell Automation FactoryTalk View Site Edition insufficiently validates user input, which could potentially allow thr

Share

CVE-2024-37365 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy