Privilege Escalation Vulnerability Allows Low-Privilege Users to Bypass Access Control Lists
CVE-2024-37369

8.8HIGH

Key Information:

Vendor: Rockwell Automation
Status: Factorytalk® View Se
Vendor: CVE Published:; 14 June 2024

🔔 Create Rockwell Automation Vulnerability Alert

What is CVE-2024-37369?

A privilege escalation vulnerability is present in Rockwell Automation software that enables low-privilege users to modify scripts. This exploit circumvents established Access Control Lists (ACLs), which may result in unauthorized access and actions within the system. The impact of this vulnerability can lead to severe security risks, as it allows attackers to gain elevated privileges and control over sensitive system functionalities.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

FactoryTalk® View SE 12.0

References

https://www.rockwellautomation.com/en-us/trust-center/sec...

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jun 14, 2024
Vulnerability Reserved
Jun 6, 2024

JSON

Rockwell Automation

What is CVE-2024-37369?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.