Unauthorized Access Vulnerability in Rockwell Automation Products

CVE-2024-9412

Summary

An improper authorization vulnerability exists in various Rockwell Automation products, potentially allowing an unauthorized user to sign in and access sensitive information that should be restricted. This situation can arise from accidental or unexpected removal of role mappings by administrators. If exploited, it may enable unauthorized individuals to interact with data that was previously accessible to them, but is no longer intended for their use. Administrators should be vigilant in managing role mappings and promptly applying any necessary security measures to safeguard against this vulnerability.

References