9.0
CRITICAL
CVE-2024-21915
Rockwell Automation FactoryTalk Service Platform Privilege Escalation Vulnerability
Description

A privilege escalation vulnerability exists in Rockwell Automation FactoryTalk® Service Platform (FTSP). If exploited, a malicious user with basic user group privileges could potentially sign into the software and receive FTSP Administrator Group privileges. A threat actor could potentially read and modify sensitive data, delete data and render the FTSP system unavailable.

INFO

Published Date :

Feb. 16, 2024, 7:15 p.m.

Last Modified :

Dec. 11, 2024, 7:31 p.m.

Source :

[email protected]

Remotely Exploitable :

Yes !

Impact Score :

6.0

Exploitability Score :

2.2
Affected Products

The following products are affected by CVE-2024-21915 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

ID Vendor Product Action
1 Rockwellautomation factorytalk_services_platform
: Total Affected Vendor : 1 | Products : 1
References to Advisories, Solutions, and Tools

Here, you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related to CVE-2024-21915.

URL Resource
https://www.rockwellautomation.com/en-us/support/advisory.SD1662.html Broken Link Vendor Advisory
https://www.rockwellautomation.com/en-us/support/advisory.SD1662.html Broken Link Vendor Advisory

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2024-21915 vulnerability anywhere in the article.

  • Cybersecurity News
Critical Flaws in Rockwell Automation PowerMonitor 1000 Devices: CVSS Scores Hit 9.8/10

Rockwell Automation has issued a critical security advisory highlighting three severe vulnerabilities affecting its PowerMonitor 1000 devices. These vulnerabilities, identified by Vera Mens of Claroty ... Read more

Published Date: Dec 21, 2024 (1 day, 6 hours ago)
CVE-2024-12373 CVE-2024-12372 CVE-2024-12371 CVE-2024-45337 CVE-2024-54143 CVE-2024-49039 CVE-2024-7988 CVE-2024-21915 CVE-2024-21887
  • Cybersecurity News
Rockwell Automation Products Face Critical Security Risks, Urgent Patching Required

Two recently discovered vulnerabilities in Rockwell Automation’s FactoryTalk software products pose a serious threat to industrial control systems (ICS). The vulnerabilities, tracked as CVE-2024-45823 ... Read more

Published Date: Sep 14, 2024 (3 months, 1 week ago)
CVE-2024-37285 CVE-2024-45823 CVE-2024-45824 CVE-2024-37288 CVE-2024-7988 CVE-2024-8073 CVE-2024-39809 CVE-2024-39792 CVE-2024-43044 CVE-2024-21915
  • Cybersecurity News
CVE-2024-7988 (CVSS 9.8): Rockwell Automation’s ThinManager Flaw Allows RCE

Rockwell Automation has issued a critical security advisory concerning multiple vulnerabilities discovered in its ThinManager ThinServer software. These vulnerabilities, reported by Nicholas Zubrisky ... Read more

Published Date: Aug 28, 2024 (3 months, 3 weeks ago)
CVE-2024-7988 CVE-2024-7987 CVE-2024-7986 CVE-2024-43399 CVE-2024-7646 CVE-2024-5670 CVE-2024-21915 CVE-2023-6817

The following table lists the changes that have been made to the CVE-2024-21915 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

  • Initial Analysis by [email protected]

    Dec. 11, 2024

    Action Type Old Value New Value
    Added CVSS V3.1 NIST AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
    Added CWE NIST CWE-732
    Added CPE Configuration OR *cpe:2.3:a:rockwellautomation:factorytalk_services_platform:*:*:*:*:*:*:*:* versions up to (excluding) 2.74
    Changed Reference Type https://www.rockwellautomation.com/en-us/support/advisory.SD1662.html No Types Assigned https://www.rockwellautomation.com/en-us/support/advisory.SD1662.html Broken Link, Vendor Advisory
    Changed Reference Type https://www.rockwellautomation.com/en-us/support/advisory.SD1662.html No Types Assigned https://www.rockwellautomation.com/en-us/support/advisory.SD1662.html Broken Link, Vendor Advisory
  • CVE Modified by af854a3a-2127-422b-91ae-364da2661108

    Nov. 21, 2024

    Action Type Old Value New Value
    Added Reference https://www.rockwellautomation.com/en-us/support/advisory.SD1662.html
  • CVE Modified by [email protected]

    May. 14, 2024

    Action Type Old Value New Value
  • CVE Received by [email protected]

    Feb. 16, 2024

    Action Type Old Value New Value
    Added Description A privilege escalation vulnerability exists in Rockwell Automation FactoryTalk® Service Platform (FTSP). If exploited, a malicious user with basic user group privileges could potentially sign into the software and receive FTSP Administrator Group privileges. A threat actor could potentially read and modify sensitive data, delete data and render the FTSP system unavailable.
    Added Reference Rockwell Automation https://www.rockwellautomation.com/en-us/support/advisory.SD1662.html [No types assigned]
    Added CWE Rockwell Automation CWE-732
    Added CVSS V3.1 Rockwell Automation AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.
CVSS31 - Vulnerability Scoring System
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
: