Description

An unquoted executable path exists in the Rockwell Automation FactoryTalk® Remote Access™ possibly resulting in remote code execution if exploited. While running the FTRA installer package, the executable path is not properly quoted, which could allow a threat actor to enter a malicious executable and run it as a System user. A threat actor needs admin privileges to exploit this vulnerability.

INFO

Published Date :

2024-05-16T15:25:28.558Z

Last Modified :

2024-08-01T20:20:00.578Z

Source :

Rockwell
AFFECTED PRODUCTS

The following products are affected by CVE-2024-3640 vulnerability.

No data.

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-3640.

URL Resource
https://www.rockwellautomation.com/en-us/support/advisory.SD1671.html cve-icon cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Attack Requirements
Privileges Required
User Interaction
VS Confidentiality
VS Integrity
VS Availability
SS Confidentiality
SS Integrity
SS Availability