{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-7513", "assignerOrgId": "b73dd486-f505-4403-b634-40b078b177f0", "state": "PUBLISHED", "assignerShortName": "Rockwell", "dateReserved": "2024-08-05T20:18:13.759Z", "datePublished": "2024-08-14T19:48:46.656Z", "dateUpdated": "2024-08-14T20:16:25.948Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "FactoryTalk View Site Edition", "vendor": "Rockwell Automation", "versions": [{"status": "affected", "version": "13.0"}]}], "datePublic": "2024-08-13T13:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p><b>CVE-2024-7513 IMPACT</b></p><p>A code execution vulnerability exists in the affected product. The vulnerability occurs due to improper default file permissions allowing any user to edit or replace files, which are executed by account with elevated permissions.</p>"}], "value": "CVE-2024-7513 IMPACT\n\nA code execution vulnerability exists in the affected product. The vulnerability occurs due to improper default file permissions allowing any user to edit or replace files, which are executed by account with elevated permissions."}], "impacts": [{"capecId": "CAPEC-576", "descriptions": [{"lang": "en", "value": "CAPEC-576 Group Permission Footprinting"}]}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "baseScore": 8.5, "baseSeverity": "HIGH", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-732", "description": "CWE-732 Incorrect Permission Assignment for Critical Resource", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "b73dd486-f505-4403-b634-40b078b177f0", "shortName": "Rockwell", "dateUpdated": "2024-08-14T19:48:46.656Z"}, "references": [{"url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD%201688.html"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Upgrade to v14.0"}], "value": "Upgrade to v14.0"}], "source": {"discovery": "INTERNAL"}, "title": "Rockwell Automation FactoryTalk\u00ae View Site Edition Code Execution Vulnerability via File Permissions", "workarounds": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>Customers using the affected software are encouraged to apply security best practices, if possible.</p><ul><li><p>Remove \u201cEveryone\u201d user group from read and write privileges by changing the FactoryTalk\u00ae View SE project folder permissions using the help guide. Detailed instructions are below. </p></li></ul><ul><li><p>Open FactoryTalk\u00ae View Studio -&gt; Help -&gt; FactoryTalk\u00ae View SE Help. I<span style=\"background-color: var(--wht);\">n the file -&gt; Security -&gt; \u201cHMI projects folder\u201d</span></p></li></ul>\n\n<br>"}], "value": "Customers using the affected software are encouraged to apply security best practices, if possible.\n\n  *  Remove \u201cEveryone\u201d user group from read and write privileges by changing the FactoryTalk\u00ae View SE project folder permissions using the help guide. Detailed instructions are below. \n\n\n\n\n  *  Open FactoryTalk\u00ae View Studio -> Help -> FactoryTalk\u00ae View SE Help. In the file -> Security -> \u201cHMI projects folder\u201d"}], "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"affected": [{"vendor": "rockwellautomation", "product": "factorytalk_view", "cpes": ["cpe:2.3:a:rockwellautomation:factorytalk_view:13.0:*:*:*:se:*:*:*"], "defaultStatus": "unaffected", "versions": [{"version": "13.0", "status": "affected"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-08-14T20:09:08.721442Z", "id": "CVE-2024-7513", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-14T20:16:25.948Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-7513", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-08-14T20:09:08.721442Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:rockwellautomation:factorytalk_view:13.0:*:*:*:se:*:*:*"], "vendor": "rockwellautomation", "product": "factorytalk_view", "versions": [{"status": "affected", "version": "13.0"}], "defaultStatus": "unaffected"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-14T20:16:19.702Z"}}], "cna": {"title": "Rockwell Automation FactoryTalk\u00ae View Site Edition Code Execution Vulnerability via File Permissions", "source": {"discovery": "INTERNAL"}, "impacts": [{"capecId": "CAPEC-576", "descriptions": [{"lang": "en", "value": "CAPEC-576 Group Permission Footprinting"}]}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 8.5, "Automatable": "NOT_DEFINED", "attackVector": "LOCAL", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Rockwell Automation", "product": "FactoryTalk View Site Edition", "versions": [{"status": "affected", "version": "13.0"}], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "Upgrade to v14.0", "supportingMedia": [{"type": "text/html", "value": "Upgrade to v14.0", "base64": false}]}], "datePublic": "2024-08-13T13:00:00.000Z", "references": [{"url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD%201688.html"}], "workarounds": [{"lang": "en", "value": "Customers using the affected software are encouraged to apply security best practices, if possible.\n\n  *  Remove \u201cEveryone\u201d user group from read and write privileges by changing the FactoryTalk\u00ae View SE project folder permissions using the help guide. Detailed instructions are below. \n\n\n\n\n  *  Open FactoryTalk\u00ae View Studio -> Help -> FactoryTalk\u00ae View SE Help. In the file -> Security -> \u201cHMI projects folder\u201d", "supportingMedia": [{"type": "text/html", "value": "<p>Customers using the affected software are encouraged to apply security best practices, if possible.</p><ul><li><p>Remove \u201cEveryone\u201d user group from read and write privileges by changing the FactoryTalk\u00ae View SE project folder permissions using the help guide. Detailed instructions are below. </p></li></ul><ul><li><p>Open FactoryTalk\u00ae View Studio -&gt; Help -&gt; FactoryTalk\u00ae View SE Help. I<span style=\"background-color: var(--wht);\">n the file -&gt; Security -&gt; \u201cHMI projects folder\u201d</span></p></li></ul>\n\n<br>", "base64": false}]}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "CVE-2024-7513 IMPACT\n\nA code execution vulnerability exists in the affected product. The vulnerability occurs due to improper default file permissions allowing any user to edit or replace files, which are executed by account with elevated permissions.", "supportingMedia": [{"type": "text/html", "value": "<p><b>CVE-2024-7513 IMPACT</b></p><p>A code execution vulnerability exists in the affected product. The vulnerability occurs due to improper default file permissions allowing any user to edit or replace files, which are executed by account with elevated permissions.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-732", "description": "CWE-732 Incorrect Permission Assignment for Critical Resource"}]}], "providerMetadata": {"orgId": "b73dd486-f505-4403-b634-40b078b177f0", "shortName": "Rockwell", "dateUpdated": "2024-08-14T19:48:46.656Z"}}}, "cveMetadata": {"cveId": "CVE-2024-7513", "state": "PUBLISHED", "dateUpdated": "2024-08-14T20:16:25.948Z", "dateReserved": "2024-08-05T20:18:13.759Z", "assignerOrgId": "b73dd486-f505-4403-b634-40b078b177f0", "datePublished": "2024-08-14T19:48:46.656Z", "assignerShortName": "Rockwell"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:rockwellautomation:factorytalk_view:*:*:*:*:se:*:*:*", "matchCriteriaId": "E13B3C84-07B8-4327-B73E-21A65D5E5627", "versionStartIncluding": "13.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "CVE-2024-7513 IMPACT\n\nA code execution vulnerability exists in the affected product. The vulnerability occurs due to improper default file permissions allowing any user to edit or replace files, which are executed by account with elevated permissions."}, {"lang": "es", "value": " CVE-2024-7513 IMPACT Existe una vulnerabilidad de ejecuci\u00f3n de c\u00f3digo en el producto afectado. La vulnerabilidad se produce debido a permisos de archivos predeterminados inadecuados que permiten a cualquier usuario editar o reemplazar archivos, que se ejecutan mediante una cuenta con permisos elevados."}], "id": "CVE-2024-7513", "lastModified": "2025-01-31T15:25:24.030", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "automatable": "NOT_DEFINED", "availabilityRequirements": "NOT_DEFINED", "baseScore": 8.5, "baseSeverity": "HIGH", "confidentialityRequirements": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirements": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubsequentSystemAvailability": "NOT_DEFINED", "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnerableSystemAvailability": "NOT_DEFINED", "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "recovery": "NOT_DEFINED", "safety": "NOT_DEFINED", "subsequentSystemAvailability": "NONE", "subsequentSystemConfidentiality": "NONE", "subsequentSystemIntegrity": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnerabilityResponseEffort": "NOT_DEFINED", "vulnerableSystemAvailability": "HIGH", "vulnerableSystemConfidentiality": "HIGH", "vulnerableSystemIntegrity": "HIGH"}, "source": "PSIRT@rockwellautomation.com", "type": "Secondary"}]}, "published": "2024-08-14T20:15:13.013", "references": [{"source": "PSIRT@rockwellautomation.com", "tags": ["Mitigation", "Vendor Advisory"], "url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD%201688.html"}], "sourceIdentifier": "PSIRT@rockwellautomation.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-732"}], "source": "PSIRT@rockwellautomation.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-732"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}