// For flags

CVE-2017-6015

 

Severity Score

7.8
*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Without quotation marks, any whitespace in the file path for Rockwell Automation FactoryTalk Activation version 4.00.02 remains ambiguous, which may allow an attacker to link to or run a malicious executable. This may allow an authorized, but not privileged local user to execute arbitrary code with elevated privileges on the system. CVSS v3 base score: 8.8, CVSS vector string: (AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H). Rockwell Automation has released a new version of FactoryTalk Activation, Version 4.01, which addresses the identified vulnerability. Rockwell Automation recommends upgrading to the latest version of FactoryTalk Activation, Version 4.01 or later.

Sin comillas, cualquier espacio en blanco en la ruta de archivo de Rockwell Automation FactoryTalk Activation 4.00.02 se mantiene ambiguo. Esto puede permitir que un atacante vincule o ejecute un archivo malicioso. Esto puede permitir que un usuario local autorizado sin privilegios ejecute código arbitrario con privilegios elevados en el sistema. Puntuación base de CVSS v3: 8.8, cadena de vector CVSS: (AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H). Rockwell Automation ha lanzado una nueva versión de FactoryTalk Activation, versión 4.01, que aborda esta vulnerabilidad identificada. Rockwell Automation recomienda actualizar a la última versión de FactoryTalk Activation, la 4.01 o posteriores.

*Credits: N/A
CVSS Scores
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Local
Attack Complexity
Low
Authentication
None
Confidentiality
Complete
Integrity
Complete
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2017-02-16 CVE Reserved
  • 2018-05-11 CVE Published
  • 2023-03-08 EPSS Updated
  • 2024-09-16 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
  • CWE-428: Unquoted Search Path or Element
CAPEC
References (2)
URL Tag Source
http://www.securityfocus.com/bid/96996 Third Party Advisory
https://ics-cert.us-cert.gov/advisories/ICSA-17-047-02 Third Party Advisory
URL Date SRC
URL Date SRC
URL Date SRC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Rockwellautomation
Search vendor "Rockwellautomation"
 Factorytalk Activation
Search vendor "Rockwellautomation" for product "Factorytalk Activation"
 <= 4.00.02
Search vendor "Rockwellautomation" for product "Factorytalk Activation" and version " <= 4.00.02"
-
Affected