A privilege escalation vulnerability exists in the Rockwell Automation affected products. The vulnerability occurs due to improper default file permissions allowing users to exfiltrate credentials and escalate privileges.
Fixes

Solution

Affected Product         First Known in Software Version         Corrected in Software Version         2800C OptixPanel™ Compact         4.0.0.325         4.0.2.116         2800S OptixPanel™ Standard         4.0.0.350         4.0.2.123         Embedded Edge Compute Module         4.0.0.347         4.0.2.106   Mitigations and Workarounds Customers using the affected software are encouraged to apply security best practices * For information on how to mitigate Security Risks on industrial automation control systems, we encourage customers to implement our suggested security best practices https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight  to minimize the risk of the vulnerability.


Workaround

No workaround given by the vendor.

History

Thu, 19 Sep 2024 02:15:00 +0000

Type Values Removed Values Added
First Time appeared Rockwellautomation 2800c Optixpanel Compact Firmware
Rockwellautomation 2800s Optixpanel Standard Firmware
Rockwellautomation embedded Edge Compute Module Firmware
Weaknesses CWE-276
CPEs cpe:2.3:h:rockwellautomation:2800c_optixpanel_compact:-:*:*:*:*:*:*:*
cpe:2.3:h:rockwellautomation:2800s_optixpanel_standard:-:*:*:*:*:*:*:*
cpe:2.3:h:rockwellautomation:embedded_edge_compute_module:-:*:*:*:*:*:*:*
cpe:2.3:o:rockwellautomation:2800c_optixpanel_compact_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:rockwellautomation:2800s_optixpanel_standard_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:rockwellautomation:embedded_edge_compute_module_firmware:*:*:*:*:*:*:*:*
Vendors & Products Rockwellautomation 2800c Optixpanel Compact Firmware
Rockwellautomation 2800s Optixpanel Standard Firmware
Rockwellautomation embedded Edge Compute Module Firmware
Metrics cvssV3_1

{'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}


Thu, 12 Sep 2024 21:30:00 +0000

Type Values Removed Values Added
First Time appeared Rockwellautomation
Rockwellautomation 2800c Optixpanel Compact
Rockwellautomation 2800s Optixpanel Standard
Rockwellautomation embedded Edge Compute Module
CPEs cpe:2.3:o:rockwellautomation:2800c_optixpanel_compact:4.0.0.325:*:*:*:*:*:*:*
cpe:2.3:o:rockwellautomation:2800s_optixpanel_standard:4.0.0.350:*:*:*:*:*:*:*
cpe:2.3:o:rockwellautomation:embedded_edge_compute_module:4.0.0.347:*:*:*:*:*:*:*
Vendors & Products Rockwellautomation
Rockwellautomation 2800c Optixpanel Compact
Rockwellautomation 2800s Optixpanel Standard
Rockwellautomation embedded Edge Compute Module
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Thu, 12 Sep 2024 20:15:00 +0000

Type Values Removed Values Added
Description A privilege escalation vulnerability exists in the Rockwell Automation affected products. The vulnerability occurs due to improper default file permissions allowing users to exfiltrate credentials and escalate privileges.
Title Rockwell Automation OptixPanel™ Privilege Escalation Vulnerability via File Permissions
Weaknesses CWE-269
References
Metrics cvssV4_0

{'score': 7.7, 'vector': 'CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: Rockwell

Published:

Updated: 2024-09-12T20:58:17.171Z

Reserved: 2024-09-06T17:15:15.321Z

Link: CVE-2024-8533

cve-icon Vulnrichment

Updated: 2024-09-12T20:30:58.190Z

cve-icon NVD

Status : Analyzed

Published: 2024-09-12T20:15:05.820

Modified: 2024-09-19T01:57:23.830

Link: CVE-2024-8533

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.