CVE-2024-7513

HIGH

Rockwellautomation Factorytalk View - Incorrect Permission Assignment

Title source: rule

Description

CVE-2024-7513 IMPACT A code execution vulnerability exists in the affected product. The vulnerability occurs due to improper default file permissions allowing any user to edit or replace files, which are executed by account with elevated permissions.

References (1)

[Mitigation, Vendor Advisory] https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD%201688.html

Scores

CVSS v3 8.8

EPSS 0.0005

EPSS Percentile 16.6%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-732

Status published

Products (1)

rockwellautomation/factorytalk_view 13.0

Published Aug 14, 2024

Tracked Since Feb 18, 2026