CVE-2024-37367

A user authentication vulnerability exists in the Rockwell Automation FactoryTalk® View SE v12. The vulnerability allows a user from a remote system with FTView to send a packet to the customer’s server to view an HMI project. This action is allowed without proper authentication verification.

CVSS v3 7.5 HIGH

7.5^/10

CVSS v3 : HIGH

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1675.html	Broken Link

Configurations

Configuration 1 (hide)

cpe:2.3:a:rockwellautomation:factorytalk_view:*:*:*:*:se:*:*:*

History

16 Aug 2024, 19:29

Type	Values Removed	Values Added
References	~~() https://https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1675.html -~~	() https://https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1675.html - Broken Link
First Time		Rockwellautomation factorytalk View Rockwellautomation
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 7.5
CPE		cpe:2.3:a:rockwellautomation:factorytalk_view:::::se:::*

17 Jun 2024, 12:42

Type	Values Removed	Values Added
Summary		(es) Existe una vulnerabilidad de autenticación de usuario en Rockwell Automation FactoryTalk® View SE v12. La vulnerabilidad permite a un usuario desde un sistema remoto con FTView enviar un paquete al servidor del cliente para ver un proyecto HMI. Esta acción está permitida sin una verificación de autenticación adecuada.

14 Jun 2024, 15:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-06-14 15:15

Updated : 2024-08-16 19:29

NVD link : CVE-2024-37367

Mitre link : CVE-2024-37367

CVE.ORG link : CVE-2024-37367

JSON object : View

Products Affected

rockwellautomation

factorytalk_view

CWE

CWE-287

Improper Authentication

{"id": "CVE-2024-37367", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 3.9}], "cvssMetricV40": [{"type": "Secondary", "source": "PSIRT@rockwellautomation.com", "cvssData": {"safety": "NOT_DEFINED", "version": "4.0", "recovery": "NOT_DEFINED", "baseScore": 8.2, "automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "privilegesRequired": "NONE", "modifiedAttackVector": "NOT_DEFINED", "integrityRequirements": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "availabilityRequirements": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subsequentSystemIntegrity": "NONE", "vulnerableSystemIntegrity": "NONE", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "confidentialityRequirements": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "subsequentSystemAvailability": "NONE", "vulnerableSystemAvailability": "NONE", "subsequentSystemConfidentiality": "NONE", "vulnerableSystemConfidentiality": "HIGH", "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", "modifiedSubsequentSystemAvailability": "NOT_DEFINED", "modifiedVulnerableSystemAvailability": "NOT_DEFINED", "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED"}}]}, "published": "2024-06-14T15:15:51.940", "references": [{"url": "https://https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1675.html", "tags": ["Broken Link"], "source": "PSIRT@rockwellautomation.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-287"}]}, {"type": "Secondary", "source": "PSIRT@rockwellautomation.com", "description": [{"lang": "en", "value": "CWE-287"}]}], "descriptions": [{"lang": "en", "value": "A user authentication vulnerability exists in the Rockwell Automation FactoryTalk\u00ae View SE v12. The vulnerability allows a user from a remote system with FTView to send a packet to the customer\u2019s server to view an HMI project. This action is allowed without proper authentication verification."}, {"lang": "es", "value": "Existe una vulnerabilidad de autenticaci\u00f3n de usuario en Rockwell Automation FactoryTalk\u00ae View SE v12. La vulnerabilidad permite a un usuario desde un sistema remoto con FTView enviar un paquete al servidor del cliente para ver un proyecto HMI. Esta acci\u00f3n est\u00e1 permitida sin una verificaci\u00f3n de autenticaci\u00f3n adecuada."}], "lastModified": "2024-08-16T19:29:01.433", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:rockwellautomation:factorytalk_view:*:*:*:*:se:*:*:*", "vulnerable": true, "matchCriteriaId": "EFF3850B-DE22-4996-8B0B-1D1B8D36D62A", "versionEndExcluding": "14.0", "versionStartIncluding": "12.0"}], "operator": "OR"}]}], "sourceIdentifier": "PSIRT@rockwellautomation.com"}