{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2024-37365",
"ASSIGNER": "PSIRT@rockwellautomation.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the affected\nproduct. The vulnerability allows users to save projects within the public\ndirectory, allowing anyone with local access to modify and/or delete files. Additionally,\na malicious user could potentially leverage this vulnerability to escalate\ntheir privileges by changing the macro to execute arbitrary code."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20 Improper Input Validation",
"cweId": "CWE-20"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Rockwell Automation",
"product": {
"product_data": [
{
"product_name": "FactoryTalk View Machine Edition",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": ">=V14"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1709.html",
"refsource": "MISC",
"name": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1709.html"
}
]
},
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"discovery": "INTERNAL"
},
"work_around": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "<br><p>\u00b7 \nTo enhance security and\nprevent unauthorized modifications to HMI project files, harden the Windows OS\nby removing the <b>INTERACTIVE</b> group from the folder\u2019s\nsecurity properties.</p>\n\n<p>\u00b7 \nAdd specific users or user\ngroups and assign their permissions to this folder using the least privileges\nprinciple. Users with read-only permission can still test run and run the\nFactoryTalk View ME Station.</p>\n\n<p>\u00b7 \nGuidance can be found in\nFactoryTalk View ME v14 Help topic: \u201cHMI projects folder settings\u201d. It can be opened through\nFactoryTalk View ME Studio menu \u201chelp\\Contents\\FactoryTalk View ME Help\\Create\na Machine Edition application->Open applications->HMI project folder settings\u201d. <a target=\"_blank\" rel=\"nofollow\" href=\"https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight\">Security\nBest Practices</a></p>\n\n\n\n\n\n<br>"
}
],
"value": "\u00b7 \u00a0 \u00a0 \u00a0 \u00a0\nTo enhance security and\nprevent unauthorized modifications to HMI project files, harden the Windows OS\nby removing the INTERACTIVE group from the folder\u2019s\nsecurity properties.\n\n\n\n\u00b7 \u00a0 \u00a0 \u00a0 \u00a0\nAdd specific users or user\ngroups and assign their permissions to this folder using the least privileges\nprinciple. Users with read-only permission can still test run and run the\nFactoryTalk View ME Station.\n\n\n\n\u00b7 \u00a0 \u00a0 \u00a0 \u00a0\nGuidance can be found in\nFactoryTalk View ME v14 Help topic: \u201cHMI projects folder settings\u201d. It can be opened through\nFactoryTalk View ME Studio menu \u201chelp\\Contents\\FactoryTalk View ME Help\\Create\na Machine Edition application->Open applications->HMI project folder settings\u201d. \u00a0Security\nBest Practices"
}
],
"solution": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Upgrade to Version 15"
}
],
"value": "Upgrade to Version 15"
}
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
]
}
}