CVE-2024-6079 – DLL Hijacking Vulnerability Exists in Rockwell Automation Emulate3D™
https://notcve.org/view.php?id=CVE-2024-6079
A vulnerability exists in the Rockwell Automation Emulate3D™, which could be leveraged to execute a DLL Hijacking attack. The application loads shared libraries, which are readable and writable by any user. If exploited, a malicious user could leverage a malicious dll and perform a remote code execution attack. • https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD%201683.html • CWE-610: Externally Controlled Reference to a Resource in Another Sphere •
CVE-2024-6325 – Rockwell Automation Unsecured Private Keys in FactoryTalk® System Services
https://notcve.org/view.php?id=CVE-2024-6325
The v6.40 release of Rockwell Automation FactoryTalk® Policy Manager CVE-2021-22681 https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.PN1550.html and CVE-2022-1161 https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.PN1585.html by implementing CIP security and did not update to the versions of the software CVE-2022-1161 https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.PN1585.html and CVE-2022-1161. https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.PN1585.html • https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1678.html • CWE-269: Improper Privilege Management •
CVE-2024-6435 – Rockwell Automation Privilege Escalation Vulnerability in Pavilion8®
https://notcve.org/view.php?id=CVE-2024-6435
A privilege escalation vulnerability exists in the affected products which could allow a malicious user with basic privileges to access functions which should only be available to users with administrative level privileges. If exploited, an attacker could read sensitive data, and create users. For example, a malicious user with basic privileges could perform critical functions such as creating a user with elevated privileges and reading sensitive information in the “views” section. • https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1681.html • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVE-2024-5990 – ThinManager® ThinServer™ Improper Input Validation Vulnerability
https://notcve.org/view.php?id=CVE-2024-5990
Due to an improper input validation, an unauthenticated threat actor can send a malicious message to a monitor thread within Rockwell Automation ThinServer™ and cause a denial-of-service condition on the affected device. • https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1677.html • CWE-20: Improper Input Validation •
CVE-2024-5989 – Rockwell Automation ThinManager® ThinServer™ Improper Input Validation Vulnerability
https://notcve.org/view.php?id=CVE-2024-5989
Due to an improper input validation, an unauthenticated threat actor can send a malicious message to invoke SQL injection into the program and cause a remote code execution condition on the Rockwell Automation ThinManager® ThinServer™. • https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1677.html • CWE-20: Improper Input Validation •