#VU97235 Improper privilege management in Pavilion8 - CVE-2024-7960


Vulnerability identifier: #VU97235

Vulnerability risk: Medium

CVSSv4.0: 5.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2024-7960

CWE-ID: CWE-269

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Pavilion8
Server applications / Other server solutions

Vendor: Rockwell Automation

Description

The vulnerability allows a remote attacker to escalate privileges.

The vulnerability exists due to improper privilege management. A remote user can view sensitive information and change settings.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

Pavilion8: before 5.20

External links
https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1695.html
https://www.cisa.gov/news-events/ics-advisories/icsa-24-256-24

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Multiple vulnerabilities in Rockwell Automation Pavilion8