CVSS: 7.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-10945 – FactoryTalk® Updater Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2024-10945
A Local Privilege Escalation vulnerability exists in the affected product. The vulnerability requires a local, low privileged threat actor to replace certain files during update and exists due to a failure to perform proper security checks before installation. • https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1710.html • CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 8.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-10944 – FactoryTalk® Updater Remote Code Execution
https://notcve.org/view.php?id=CVE-2024-10944
A Remote Code Execution vulnerability exists in the affected product. The vulnerability requires a high level of permissions and exists due to improper input validation resulting in the possibility of a malicious Updated Agent being deployed. • https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1710.html • CWE-20: Improper Input Validation •