CVE-2024-6326 LOW

CVE-2024-6326: Rockwell Automation Unsecured Private Keys in FactoryTalk® System Services

Vendor Rockwell Automation
Product FactoryTalk® System Services (installed via FTPM)
Weakness CWE-269
Published July 16, 2024
Last update August 1, 2024

CVSS base score

1.8/10
Attack vector Local
Attack complexity Low
Attack requirements Present
Privileges required Low
User interaction Active
Confidentiality None
Integrity None
Availability None
Subsequent system confidentiality High

CVSS vector

CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N

What the vulnerability does

Description

An exposure of sensitive information vulnerability exists in Rockwell Automation FactoryTalk® System Services. A malicious local user with low privileges could exploit it by starting a backup or restore operation: while the operation runs, private keys, passwords, pre-shared keys and database folders are copied to an interim folder, and because no explicit permissions are set on that folder, its contents are readable by other local accounts for as long as they sit there. The window is transient, so the attacker has to copy the files out before the operation completes. The CVSS 4.0 vector reflects this: no impact on the vulnerable host itself (VC:N/VI:N/VA:N) but a high confidentiality impact on subsequent systems (SC:H), because a user who obtains the private keys could impersonate resources on the secured network.
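The root cause above is a staging folder created without explicit permissions, so it inherits whatever its parent grants. The following PowerShell is an added example, not Rockwell's code and not the vendor's fix: one function audits a folder's ACL for Allow entries that give broad, low-privilege principals the ability to read file data (run it against the parent of the interim location as well, since that is what a folder with no explicit ACL inherits), and a second shows how a backup job should create a staging folder, with an explicit non-inherited ACL applied before anything is written into it. The folder paths in the usage comments are assumptions; the advisory does not name the interim folder. The hardening function assumes the backup job runs as SYSTEM or an administrator.

```powershell
# Added example (not Rockwell Automation code). Audits the ACL of a folder used
# to stage secrets during backup/restore, and shows how to create such a folder
# with explicit permissions so nothing permissive is inherited from its parent.

# Principals that must never be able to read a secrets staging folder.
$BroadPrincipals = @(
    'Everyone',
    'BUILTIN\Users',
    'NT AUTHORITY\Authenticated Users',
    'NT AUTHORITY\INTERACTIVE'
)

# Access-mask bits that allow reading file contents: FILE_READ_DATA (0x1),
# GENERIC_ALL (0x10000000) and GENERIC_READ (0x80000000). Generic bits appear on
# inherited ACEs and are not named members of FileSystemRights, so the check
# is done on the raw mask rather than on enum names.
[int64]$ReadMask = 0x90000001

function Get-BroadReadAccess {
    param([Parameter(Mandatory)][string]$Path)
    $acl = Get-Acl -Path $Path
    foreach ($ace in $acl.Access) {
        if ($ace.AccessControlType -ne 'Allow') { continue }
        $who = $ace.IdentityReference.Value
        if ($BroadPrincipals -notcontains $who) { continue }
        # View the rights as an unsigned 32-bit mask so generic bits survive.
        $mask = ([int64][int]$ace.FileSystemRights) -band 0xFFFFFFFF
        if (($mask -band $ReadMask) -ne 0) {
            [pscustomobject]@{
                Path      = $Path
                Principal = $who
                Rights    = $ace.FileSystemRights
                Inherited = $ace.IsInherited
            }
        }
    }
}

function New-RestrictedStagingFolder {
    # Creates the staging folder and applies an explicit ACL (SYSTEM and
    # Administrators only) before any secret is copied into it. Assumes the
    # caller runs as SYSTEM or an administrator, as a backup service would.
    param([Parameter(Mandatory)][string]$Path)
    $dir = New-Item -ItemType Directory -Path $Path -Force
    $acl = Get-Acl -Path $dir.FullName
    # Disable inheritance and discard the inherited ACEs instead of copying them.
    $acl.SetAccessRuleProtection($true, $false)
    foreach ($existing in @($acl.Access)) { $null = $acl.RemoveAccessRule($existing) }
    $flags = [System.Security.AccessControl.InheritanceFlags]'ContainerInherit, ObjectInherit'
    foreach ($principal in 'NT AUTHORITY\SYSTEM', 'BUILTIN\Administrators') {
        $rule = [System.Security.AccessControl.FileSystemAccessRule]::new(
            $principal, 'FullControl', $flags, 'None', 'Allow')
        $acl.AddAccessRule($rule)
    }
    Set-Acl -Path $dir.FullName -AclObject $acl
    return $dir.FullName
}

# Usage (assumed paths; the advisory does not name the interim folder).
# Audit the parent an unprotected interim folder would inherit from:
#   Get-BroadReadAccess -Path 'C:\ProgramData' | Format-Table -AutoSize
# Create a correctly protected staging folder and confirm it reports nothing:
#   $staging = New-RestrictedStagingFolder -Path (Join-Path $env:ProgramData 'BackupStaging')
#   Get-BroadReadAccess -Path $staging
```

Two caveats for practitioners: the audit only inspects the DACL, so a principal who is the folder's owner or holds SeBackupPrivilege can still read it; and applying a restrictive ACL to the parent is no substitute for the vendor update, because the interim folder the product creates may live somewhere else entirely. The general lesson is the order of operations: set the explicit permissions on the staging location first, then copy the secrets, never the reverse.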

Key dates

Disclosure timeline

July 16, 2024 CVE published
August 1, 2024 Record updated