216.73.216.133

CVE-2024-8533

· Published 12/09/2024 20:15 · Modified 19/09/2024 01:57

Labels: CVE-2024-8533 2024-09-12CVE-2024-8533CWE-269CWE-276[email protected]

Essential information

Published
12/09/2024 20:15
Modified
19/09/2024 01:57
Author
Creator
CVSS
8.8 HIGH (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS metrics

Description

A privilege escalation vulnerability exists in the Rockwell Automation affected products. The vulnerability occurs due to improper default file permissions allowing users to exfiltrate credentials and escalate privileges.

NVD status

Status
Analyzed — CVE has had analysis completed and all data associations made.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
rockwellautomation / 2800c optixpanel compact firmware cpe:2.3:o:rockwellautomation:2800c_optixpanel_compact_firmware:*:*:*:*:*:*:*:*
rockwellautomation / 2800c optixpanel compact cpe:2.3:h:rockwellautomation:2800c_optixpanel_compact:-:*:*:*:*:*:*:*
rockwellautomation / 2800s optixpanel standard firmware cpe:2.3:o:rockwellautomation:2800s_optixpanel_standard_firmware:*:*:*:*:*:*:*:*
rockwellautomation / 2800s optixpanel standard cpe:2.3:h:rockwellautomation:2800s_optixpanel_standard:-:*:*:*:*:*:*:*
rockwellautomation / embedded edge compute module firmware cpe:2.3:o:rockwellautomation:embedded_edge_compute_module_firmware:*:*:*:*:*:*:*:*
rockwellautomation / embedded edge compute module cpe:2.3:h:rockwellautomation:embedded_edge_compute_module:-:*:*:*:*:*:*:*

References