Unrated severityNVD Advisory· Published Feb 16, 2024· Updated Aug 28, 2024
Rockwell Automation FactoryTalk® Service Platform Elevated Privileges Vulnerability Through Web Service Functionality
CVE-2024-21915
Description
A privilege escalation vulnerability exists in Rockwell Automation FactoryTalk® Service Platform (FTSP). If exploited, a malicious user with basic user group privileges could potentially sign into the software and receive FTSP Administrator Group privileges. A threat actor could potentially read and modify sensitive data, delete data and render the FTSP system unavailable.
Affected products
2(expand)+ 1 more
- (no CPE)
- (no CPE)range: <v2.74
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.