CVE-2024-7513 Vulnerability Details

  /     /     /  

CVE-2024-7513 Metadata Quick Info

CVE Published: 14/08/2024 | CVE Updated: 14/08/2024 | CVE Year: 2024
Source: Rockwell | Vendor: Rockwell Automation | Product: FactoryTalk View Site Edition
Status : PUBLISHED

CVE-2024-7513 Description

CVE-2024-7513 IMPACT A code execution vulnerability exists in the affected product. The vulnerability occurs due to improper default file permissions allowing any user to edit or replace files, which are executed by account with elevated permissions.

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID: CWE-732
CWE Name: CWE-732 Incorrect Permission Assignment for Critical Resource
Source: Rockwell Automation

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID: CAPEC-576
CAPEC Description: CAPEC-576 Group Permission Footprinting