PT-2024-9955 · Rockwell Automation · Rockwell Automation Factorytalk System Service

Published

2024-06-25

Updated

2024-09-23

CVE-2024-6326

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions: Rockwell Automation FactoryTalk System Service (affected versions not specified)

Description: The issue is related to the exposure of sensitive information due to the lack of explicit permissions set on the backup folder. A malicious user could exploit this by starting a back-up or restore process, which temporarily exposes private keys, passwords, pre-shared keys, and database folders when they are temporarily copied to an interim folder. If private keys are obtained, the malicious user could impersonate resources on the secured network.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Improper Privilege Management

Incorrect Default Permissions

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-269CWE-276

Related Identifiers

BDU:2025-00067

CVE-2024-6326

Affected Products

Rockwell Automation Factorytalk System Service

CVE-2024-6326

Weakness Enumeration

Related Identifiers

Affected Products

References · 7