13 matches found
EUVD-2024-19521
Malicious code in bioql PyPI...
EUVD-2024-19523
Malicious code in bioql PyPI...
CVE-2024-21915
A privilege escalation vulnerability exists in Rockwell Automation FactoryTalk® Service Platform FTSP. If exploited, a malicious user with basic user group privileges could potentially sign into the software and receive FTSP Administrator Group privileges. A threat actor could potentially read an...
Privilege escalation
A privilege escalation vulnerability exists in Rockwell Automation FactoryTalk® Service Platform FTSP. If exploited, a malicious user with basic user group privileges could potentially sign into the software and receive FTSP Administrator Group privileges. A threat actor could potentially read an...
CVE-2024-21915 Rockwell Automation FactoryTalk® Service Platform Elevated Privileges Vulnerability Through Web Service Functionality
A privilege escalation vulnerability exists in Rockwell Automation FactoryTalk® Service Platform FTSP. If exploited, a malicious user with basic user group privileges could potentially sign into the software and receive FTSP Administrator Group privileges. A threat actor could potentially read an...
Vulnerability fixed in Rockwell Automation FactoryTalk Service Platform
Rockwell Automation has fixed a vulnerability in FactoryTalk Service Platform FTSP. An authenticated malicious party could exploit the exploit the vulnerability to grant themselves elevated privileges and gain access to FTSP as an Administrator. For successful misuse, the malicious party must hav...
Rockwell Automation FactoryTalk Service Platform
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.0 ATTENTION : Exploitable remotely Vendor : Rockwell Automation Equipment : FactoryTalk Service Platform Vulnerability : Incorrect Execution-Assigned Permissions 2. RISK EVALUATION Successful exploitation of this vulnerability could allow malicious users...
PT-2024-1821 · Rockwell Automation · Rockwell Automation Factorytalk Service Platform
Name of the Vulnerable Software and Affected Versions: Rockwell Automation FactoryTalk Service Platform FTSP affected versions not specified Description: A privilege escalation vulnerability exists in the software. If exploited, a malicious user with basic user group privileges could potentially...
CVE-2024-21917
A vulnerability exists in Rockwell Automation FactoryTalk® Service Platform that allows a malicious user to obtain the service token and use it for authentication on another FTSP directory. This is due to the lack of digital signing between the FTSP service token and directory. If exploited, a...
CVE-2024-21917
A vulnerability exists in Rockwell Automation FactoryTalk® Service Platform that allows a malicious user to obtain the service token and use it for authentication on another FTSP directory. This is due to the lack of digital signing between the FTSP service token and directory. If exploited, a...
CVE-2024-21917
A vulnerability exists in Rockwell Automation FactoryTalk® Service Platform that allows a malicious user to obtain the service token and use it for authentication on another FTSP directory. This is due to the lack of digital signing between the FTSP service token and directory. If exploited, a...
CVE-2024-21917 Rockwell Automation FactoryTalk® Service Platform Service Token Vulnerability
A vulnerability exists in Rockwell Automation FactoryTalk® Service Platform that allows a malicious user to obtain the service token and use it for authentication on another FTSP directory. This is due to the lack of digital signing between the FTSP service token and directory. If exploited, a...
Rockwell Automation FactoryTalk Service Platform
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION : Exploitable remotely/low attack complexity Vendor : Rockwell Automation Equipment : FactoryTalk Service Platform Vulnerability : Improper Verification of Cryptographic Signature 2. RISK EVALUATION Successful exploitation of this vulnerability...