CVE-2024-45824
FactoryTalk® View Site Edition Remote Code Execution Vulnerability via Lack of Input Validation
Vexday Risk Score
28Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 9.2EPSS 1.3%KEV nãoPoC —Patch —
Ciclo de vida
12 sep 2024Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
CVE-2024-45824 IMPACT
A remote
code vulnerability exists in the affected products. The vulnerability occurs
when chained with Path Traversal, Command Injection, and XSS Vulnerabilities
and allows for full unauthenticated remote code execution. The link in the
mitigations section below contains patches to fix this issue.
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Productos afectados
Rockwell Automation · FactoryTalk View Site Edition¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →