Code Execution Vulnerability in Affected Product
CVE-2024-7513

8.5HIGH

Key Information:

Vendor: Rockwell Automation
Status: Factorytalk View Site Edition
Vendor: CVE Published:; 14 August 2024

🔔 Create Rockwell Automation Vulnerability Alert

What is CVE-2024-7513?

A code execution vulnerability has been identified in Rockwell Automation products due to improper default file permissions. This flaw allows any user to modify or replace critical files, which are then executed by accounts with elevated privileges. As a result, this vulnerability poses significant risks to system integrity and security, as unauthorized users may alter functions or gain control over sensitive automation processes.

Affected Version(s)

FactoryTalk View Site Edition 13.0

References

https://www.rockwellautomation.com/en-us/trust-center/sec...

CVSS V4

Score:

8.5

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 14, 2024

JSON