Описание
A privilege escalation vulnerability exists in the Rockwell Automation affected products. The vulnerability occurs due to improper default file permissions allowing users to exfiltrate credentials and escalate privileges.
Затрагиваемое ПО
Rockwellautomation 2800c optixpanel compact firmwareRockwellautomation 2800c optixpanel compactRockwellautomation 2800s optixpanel standard firmwareRockwellautomation 2800s optixpanel standardRockwellautomation Embedded edge compute module firmwareRockwellautomation Embedded edge compute module
CVSS
| Балл | 8.8 — высокая |
| Вектор | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Источники
https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1964.html