CVE-2024-6326
Rockwell Automation Unsecured Private Keys in FactoryTalk® System Services
Vexday Risk Score
8Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 1.8EPSS 0.2%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
16 Jul 2024Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
An exposure of sensitive information vulnerability exists in the Rockwell Automation FactoryTalk® System Service. A malicious user could exploit this vulnerability by starting a back-up or restore process, which temporarily exposes private keys, passwords, pre-shared keys, and database folders when they are temporarily copied to an interim folder. This vulnerability is due to the lack of explicit permissions set on the backup folder. If private keys are obtained by a malicious user, they could impersonate resources on the secured network.
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N
Affected products
Rockwell Automation · FactoryTalk® Policy Manager (FTPM)Rockwell Automation · FactoryTalk® System Services (installed via FTPM)Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →