CVE-2024-37369 - Vulnerability Details - OpenCVE

A privilege escalation vulnerability exists in the affected product. The vulnerability allows low-privilege users to edit scripts, bypassing Access Control Lists, and potentially gaining further access within the system.

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact High

Vulnerable System Integrity Impact High

Vulnerable System Availability Impact High

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact total

Vendors	Products
Rockwellautomation	Factorytalk View

Configuration 1 [-]

cpe:2.3:a:rockwellautomation:factorytalk_view:*:*:*:*:se:*:*:*

No data.

References

Link	Providers
https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1674.html

History

Fri, 31 Jan 2025 16:15:00 +0000

Type	Values Removed	Values Added
CPEs		cpe:2.3:a:rockwellautomation:factorytalk_view:::::se:::*
Metrics		cvssV3_1 `{'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}`

MITRE

Status: PUBLISHED

Assigner: Rockwell

Published: 2024-06-14T16:50:20.187Z

Updated: 2024-08-02T03:50:56.129Z

Reserved: 2024-06-06T20:18:27.551Z

Link: CVE-2024-37369

Vulnrichment

Updated: 2024-06-14T18:12:56.409Z

NVD

Status : Analyzed

Published: 2024-06-14T17:15:51.310

Modified: 2025-01-31T15:45:19.597

Link: CVE-2024-37369

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-37369", "assignerOrgId": "b73dd486-f505-4403-b634-40b078b177f0", "state": "PUBLISHED", "assignerShortName": "Rockwell", "dateReserved": "2024-06-06T20:18:27.551Z", "datePublished": "2024-06-14T16:50:20.187Z", "dateUpdated": "2024-08-02T03:50:56.129Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "FactoryTalk\u00ae View SE", "vendor": "Rockwell Automation", "versions": [{"status": "affected", "version": "12.0"}]}], "datePublic": "2024-06-13T13:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\n\n<span style=\"background-color: rgb(255, 255, 255);\">A privilege escalation vulnerability exists in the affected product. The vulnerability allows low-privilege users to edit scripts, bypassing Access Control Lists, and potentially gaining further access within the system.</span>\n\n"}], "value": "A privilege escalation vulnerability exists in the affected product. The vulnerability allows low-privilege users to edit scripts, bypassing Access Control Lists, and potentially gaining further access within the system."}], "impacts": [{"capecId": "CAPEC-233", "descriptions": [{"lang": "en", "value": "CAPEC-233 Privilege Escalation"}]}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "baseScore": 8.5, "baseSeverity": "HIGH", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-732", "description": "CWE-732 Incorrect Permission Assignment for Critical Resource", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "b73dd486-f505-4403-b634-40b078b177f0", "shortName": "Rockwell", "dateUpdated": "2024-06-14T16:50:20.187Z"}, "references": [{"url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1674.html"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\n\n<p><b>AFFECTED PRODUCTS AND SOLUTION</b></p><table><tbody><tr><td><p> </p><p> </p><p>Affected Product</p><p> </p><p> </p></td><td><p> </p><p> </p><p>First Known in software version</p><p> </p><p> </p></td><td><p> </p><p> </p><p>Corrected in software version </p><p> </p><p> </p></td></tr><tr><td><p> </p><p> </p><p>FactoryTalk\u00ae View SE</p><p> </p><p> </p></td><td><p> </p><p> </p><p>V12.0</p><p> </p><p> </p></td><td><p> </p><p> </p><p>v14</p><p> </p></td></tr></tbody></table><br>\n\n<p><b>Mitigations and Workarounds </b></p><p>Users using the affected software, who are not able to upgrade to one of the corrected versions, are encouraged to apply security best practices, where possible.\u202f\u202f\u202f</p><ul><li><p>Use the Secure Install option when installing FactoryTalk\u00ae Services Platform.</p></li></ul><ul><li><p><a target=\"_blank\" rel=\"nofollow\" href=\"https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight\">Security Best Practices</a></p></li></ul>\n\n<br>"}], "value": "AFFECTED PRODUCTS AND SOLUTION\n\n\u00a0\n\n\u00a0\n\nAffected Product\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nFirst Known in software version\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nCorrected in software version \n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nFactoryTalk\u00ae View SE\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nV12.0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nv14\n\n\u00a0\n\n\n\n\nMitigations and Workarounds \n\nUsers using the affected software, who are not able to upgrade to one of the corrected versions, are encouraged to apply security best practices, where possible.\u202f\u202f\u202f\n\n * Use the Secure Install option when installing FactoryTalk\u00ae Services Platform.\n\n\n\n\n * Security Best Practices https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight"}], "source": {"discovery": "INTERNAL"}, "title": "Rockwell Automation FactoryTalk\u00ae View SE Local Privilege Escalation Vulnerability via Local File Permissions", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"affected": [{"vendor": "rockwellautomation", "product": "factorytalk_view", "cpes": ["cpe:2.3:a:rockwellautomation:factorytalk_view:-:*:*:*:se:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "12.0", "status": "affected", "lessThan": "14.0", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-06-14T18:11:26.338616Z", "id": "CVE-2024-37369", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-14T18:13:03.399Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T03:50:56.129Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1674.html", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-37369", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-06-14T18:11:26.338616Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:rockwellautomation:factorytalk_view:-:*:*:*:se:*:*:*"], "vendor": "rockwellautomation", "product": "factorytalk_view", "versions": [{"status": "affected", "version": "12.0", "lessThan": "14.0", "versionType": "custom"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-14T18:12:56.409Z"}}], "cna": {"title": "Rockwell Automation FactoryTalk\u00ae View SE Local Privilege Escalation Vulnerability via Local File Permissions", "source": {"discovery": "INTERNAL"}, "impacts": [{"capecId": "CAPEC-233", "descriptions": [{"lang": "en", "value": "CAPEC-233 Privilege Escalation"}]}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 8.5, "Automatable": "NOT_DEFINED", "attackVector": "LOCAL", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Rockwell Automation", "product": "FactoryTalk\u00ae View SE", "versions": [{"status": "affected", "version": "12.0"}], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "AFFECTED PRODUCTS AND SOLUTION\n\n\u00a0\n\n\u00a0\n\nAffected Product\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nFirst Known in software version\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nCorrected in software version \n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nFactoryTalk\u00ae View SE\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nV12.0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nv14\n\n\u00a0\n\n\n\n\nMitigations and Workarounds \n\nUsers using the affected software, who are not able to upgrade to one of the corrected versions, are encouraged to apply security best practices, where possible.\u202f\u202f\u202f\n\n * Use the Secure Install option when installing FactoryTalk\u00ae Services Platform.\n\n\n\n\n * Security Best Practices https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight", "supportingMedia": [{"type": "text/html", "value": "\n\n<p><b>AFFECTED PRODUCTS AND SOLUTION</b></p><table><tbody><tr><td><p> </p><p> </p><p>Affected Product</p><p> </p><p> </p></td><td><p> </p><p> </p><p>First Known in software version</p><p> </p><p> </p></td><td><p> </p><p> </p><p>Corrected in software version </p><p> </p><p> </p></td></tr><tr><td><p> </p><p> </p><p>FactoryTalk\u00ae View SE</p><p> </p><p> </p></td><td><p> </p><p> </p><p>V12.0</p><p> </p><p> </p></td><td><p> </p><p> </p><p>v14</p><p> </p></td></tr></tbody></table><br>\n\n<p><b>Mitigations and Workarounds </b></p><p>Users using the affected software, who are not able to upgrade to one of the corrected versions, are encouraged to apply security best practices, where possible.\u202f\u202f\u202f</p><ul><li><p>Use the Secure Install option when installing FactoryTalk\u00ae Services Platform.</p></li></ul><ul><li><p><a target=\"_blank\" rel=\"nofollow\" href=\"https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight\">Security Best Practices</a></p></li></ul>\n\n<br>", "base64": false}]}], "datePublic": "2024-06-13T13:00:00.000Z", "references": [{"url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1674.html"}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "A privilege escalation vulnerability exists in the affected product. The vulnerability allows low-privilege users to edit scripts, bypassing Access Control Lists, and potentially gaining further access within the system.", "supportingMedia": [{"type": "text/html", "value": "\n\n<span style=\"background-color: rgb(255, 255, 255);\">A privilege escalation vulnerability exists in the affected product. The vulnerability allows low-privilege users to edit scripts, bypassing Access Control Lists, and potentially gaining further access within the system.</span>\n\n", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-732", "description": "CWE-732 Incorrect Permission Assignment for Critical Resource"}]}], "providerMetadata": {"orgId": "b73dd486-f505-4403-b634-40b078b177f0", "shortName": "Rockwell", "dateUpdated": "2024-06-14T16:50:20.187Z"}}}, "cveMetadata": {"cveId": "CVE-2024-37369", "state": "PUBLISHED", "dateUpdated": "2024-06-14T18:13:03.399Z", "dateReserved": "2024-06-06T20:18:27.551Z", "assignerOrgId": "b73dd486-f505-4403-b634-40b078b177f0", "datePublished": "2024-06-14T16:50:20.187Z", "assignerShortName": "Rockwell"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:rockwellautomation:factorytalk_view:*:*:*:*:se:*:*:*", "matchCriteriaId": "EFF3850B-DE22-4996-8B0B-1D1B8D36D62A", "versionEndExcluding": "14.0", "versionStartIncluding": "12.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A privilege escalation vulnerability exists in the affected product. The vulnerability allows low-privilege users to edit scripts, bypassing Access Control Lists, and potentially gaining further access within the system."}, {"lang": "es", "value": "Existe una vulnerabilidad de escalada de privilegios en el producto afectado. La vulnerabilidad permite a los usuarios con pocos privilegios editar scripts, eludir las listas de control de acceso y potencialmente obtener m\u00e1s acceso dentro del sistema."}], "id": "CVE-2024-37369", "lastModified": "2025-01-31T15:45:19.597", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "automatable": "NOT_DEFINED", "availabilityRequirements": "NOT_DEFINED", "baseScore": 8.5, "baseSeverity": "HIGH", "confidentialityRequirements": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirements": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubsequentSystemAvailability": "NOT_DEFINED", "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnerableSystemAvailability": "NOT_DEFINED", "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "recovery": "NOT_DEFINED", "safety": "NOT_DEFINED", "subsequentSystemAvailability": "NONE", "subsequentSystemConfidentiality": "NONE", "subsequentSystemIntegrity": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnerabilityResponseEffort": "NOT_DEFINED", "vulnerableSystemAvailability": "HIGH", "vulnerableSystemConfidentiality": "HIGH", "vulnerableSystemIntegrity": "HIGH"}, "source": "PSIRT@rockwellautomation.com", "type": "Secondary"}]}, "published": "2024-06-14T17:15:51.310", "references": [{"source": "PSIRT@rockwellautomation.com", "tags": ["Vendor Advisory"], "url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1674.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1674.html"}], "sourceIdentifier": "PSIRT@rockwellautomation.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-732"}], "source": "PSIRT@rockwellautomation.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-732"}], "source": "nvd@nist.gov", "type": "Primary"}]}