Local Privilege Escalation Vulnerability in Rockwell Automation Products
CVE-2024-10945

Currently unrated

Key Information:

Vendor: Rockwell Automation
Vendor: CVE Published:; 12 November 2024

Summary

A Local Privilege Escalation vulnerability has been identified in select products from Rockwell Automation. This flaw allows a local attacker with low privileges to exploit the vulnerability by replacing specific files during an update process. The underlying issue stems from inadequate security checks prior to the installation, enabling potential unauthorized access and control. Organizations using affected versions must prioritize audit and remediation efforts to safeguard against unauthorized alterations that could compromise system integrity.

References

https://www.rockwellautomation.com/en-us/trust-center/sec...

Timeline

Vulnerability published
Nov 12, 2024