CVE-2024-3640

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-3640
An unquoted executable path exists in the Rockwell Automation FactoryTalk® Remote Access™ possibly resulting in remote code execution if exploited. While running the FTRA installer package, the executable path is not properly quoted, which could allow a threat actor to enter a malicious executable and run it as a System user. A threat actor needs admin privileges to exploit this vulnerability.
CVSS

No CVSS.

References
Link Resource
https://www.rockwellautomation.com/en-us/support/advisory.SD1671.html
Configurations

No configuration.

History

16 May 2024, 16:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-05-16 16:15

Updated : 2024-05-17 18:36

NVD link : CVE-2024-3640

Mitre link : CVE-2024-3640

CVE.ORG link : CVE-2024-3640

JSON object : View

Products Affected

No product.

CWE
CWE-428

Unquoted Search Path or Element


NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024