Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistRockwellCVELIST:CVE-2024-6325
HistoryJul 16, 2024 - 4:43 p.m.

CVE-2024-6325 Rockwell Automation Unsecured Private Keys in FactoryTalk® System Services

2024-07-1616:43:44
CWE-269
Rockwell
www.cve.org
15
rockwell automation
factorytalk® system services
unsecured private keys
cip security

CVSS4

6

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/SC:H/VI:N/SI:N/VA:N/SA:N

EPSS

0.009

Percentile

82.7%

JSON

The v6.40 release of Rockwell Automation FactoryTalk® Policy Manager CVE-2021-22681 https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.PN1550.html  and CVE-2022-1161 https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.PN1585.html  by implementing CIP security and did not update to the versions of the software CVE-2022-1161 https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.PN1585.html  and CVE-2022-1161. https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.PN1585.html

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "FactoryTalk® System Services (installed via FTPM)",
    "vendor": "Rockwell Automation",
    "versions": [
      {
        "status": "affected",
        "version": "6.40"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "FactoryTalk® Policy Manager (FTPM)",
    "vendor": "Rockwell Automation",
    "versions": [
      {
        "status": "affected",
        "version": "v6.40"
      }
    ]
  }
]

Related

nvd 3
cve 3
vulnrichment 1
nessus 3
prion 2
cvelist 2
ics 3
thn 3
nvd
nvd
CVE-2024-6325
2024-07-16 17:15:11
CVE-2021-22681
2021-03-03 18:15:14
CVE-2022-1161
2022-04-11 20:15:18
cve
cve
CVE-2024-6325
2024-07-16 17:15:11
CVE-2021-22681
2021-03-03 18:15:14
CVE-2022-1161
2022-04-11 20:15:18
vulnrichment
vulnrichment
CVE-2024-6325 Rockwell Automation Unsecured Private Keys in FactoryTalk® System Services
2024-07-16 16:43:44
nessus
nessus
Rockwellautomation Rslogix Insufficiently Protected Credentials
2021-08-10 00:00:00
Rockwell Automation Logix Controllers Insufficiently Protected Credentials (CVE-2021-22681)
2022-02-07 00:00:00
Rockwell Automation Logix Controllers Inclusion of Functionality From Untrusted Control Sphere (CVE-2022-1161)
2022-04-28 00:00:00
prion
prion
Design/Logic Flaw
2021-03-03 18:15:00
Code injection
2022-04-11 20:15:00
cvelist
cvelist
CVE-2021-22681
2021-03-03 17:59:43
CVE-2022-1161 ICSA-22-090-05 Rockwell Automation Logix Controllers
2022-03-31 00:00:00
ics
ics
Rockwell Automation Logix Controllers (Update A)
2021-03-18 12:00:00
Rockwell Automation Logix Controllers
2022-03-31 12:00:00
Rockwell Automation FactoryTalk System Services and Policy Manager
2024-07-11 12:00:00
thn
thn
Critical Bug in Siemens SIMATIC PLCs Could Let Attackers Steal Cryptographic Keys
2022-10-12 10:41:00
Critical Bugs in Rockwell PLC Could Allow Hackers to Implant Malicious Code
2022-04-01 12:31:00
Rockwell Advises Disconnecting Internet-Facing ICS Devices Amid Cyber Threats
2024-05-22 12:21:00

CVSS4

6

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/SC:H/VI:N/SI:N/VA:N/SA:N

EPSS

0.009

Percentile

82.7%

JSON
Related for CVELIST:CVE-2024-6325
nvd3cve3vulnrichment1nessus3prion2cvelist2ics3thn3