CVERadar

CVE-2024-10386

Severity: Critical
Vendor: Rockwellautomation
SVRS: 84/100
CVSSv3: 9.8/10
EPSS: 0.0004/1

CVE-2024-10386 is a critical authentication vulnerability allowing unauthorized database manipulation via crafted network messages. This flaw could enable attackers with network access to compromise the system. SOCRadar's Vulnerability Risk Score (SVRS) for CVE-2024-10386 is 84, indicating critical severity and the need for immediate action. This high SVRS is due to its potential impact and exploitation observed "In The Wild." Successful exploitation could lead to significant data breaches, system instability, or complete takeover. Organizations should prioritize patching or mitigating this database vulnerability to prevent potential attacks. The CVSS score of 9.8 also highlights the urgency.

In The Wild
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2024-10-25
2024-11-05

SOCRadar AI Insight

Description

CVE-2024-10386 is an authentication vulnerability affecting an unspecified product. This vulnerability allows a threat actor with network access to send specially crafted messages to the device, potentially leading to database manipulation.

The vulnerability is considered critical with an SVRS of 94, signifying a high probability of exploitation and potential for significant impact. This means immediate action is required to mitigate the risk.

Key Insights

  • Remote Exploitation: This vulnerability can be exploited remotely, meaning a threat actor does not need physical access to the affected device. This increases the attack surface and makes it easier for malicious actors to compromise systems.
  • Database Manipulation: Successful exploitation could lead to database manipulation, allowing attackers to potentially alter, delete, or steal sensitive information stored within the database.
  • Potential for Data Breaches: The potential for database manipulation poses a significant threat, increasing the risk of data breaches and compromising the confidentiality, integrity, and availability of sensitive information.
  • Lack of Specific Information: The CVE description currently lacks specific information about the affected product, making it difficult to determine the exact scope and impact.

Mitigation Strategies

  • Patching: Immediately apply any available security patches released by the vendor to address the vulnerability.
  • Network Segmentation: Implement network segmentation to limit the attack surface and isolate the affected system from other critical assets.
  • Multi-Factor Authentication: Enable multi-factor authentication for all accounts and systems to make it more difficult for attackers to gain unauthorized access.
  • Monitoring and Logging: Implement robust monitoring and logging systems to detect suspicious activity and identify potential exploitation attempts.

Additional Information

The lack of specific information regarding the affected product and any potential threat actors currently exploiting this vulnerability presents challenges in fully assessing the immediate threat. However, the high SVRS score and the potential for database manipulation indicate a critical vulnerability requiring immediate attention.

Indicators of Compromise

No IOCs found for this CVE

Exploits

No exploits found for this CVE

News

Rockwell ThinManager Vulnerability Exposes Systems To DoS Condition
Guru Baran, 2024-11-05, cybersecuritynews.com
Rockwell Automation has recently disclosed multiple critical vulnerabilities in its FactoryTalk ThinManager software, a key component used in industrial control systems. These vulnerabilities, identified by cybersecurity researchers at Tenable Network Security, pose significant risks to industrial environments by potentially allowing attackers to manipulate databases or trigger denial-of-service (DoS) conditions. The vulnerabilities, tracked as CVE-2024-10386 and […]

Vulnerability Recap 11/4/24 – Fourteen-Year Bug Finally Gets Patched
Jenna Phipps, 2024-11-04, esecurityplanet.com
This week, we look at a Windows 11 OS downgrade vulnerability, as well as cloud credential theft and industrial control device vulnerabilities. We’re looking at cloud credential theft (not good) and a big win for early vulnerability fixes (better) this

THN Recap: Top Cybersecurity Threats, Tools, and Practices (Oct 28 – Nov 03)
Ajit Jasrotia, 2024-11-04, allhackernews.com
This week was a total digital dumpster fire! Hackers were like, “Let’s cause some chaos!” and went after everything from our browsers to those fancy cameras that zoom and spin. (You know, the ones they use in spy movies? 🕵️‍♀️) We’re talking password-stealing bots, sneaky extensions that spy on you, and even cloud-hacking ninjas! 🥷 […]

Critical Auth Bugs Expose Smart Factory Gear to Cyberattack - Dark Reading
2024-11-01, google.com
Critical security vulnerabilities affecting factory automation software from Mitsubishi Electric and Rockwell Automation could variously allow remote code execution (RCE), authentication bypass, product tampering, or denial-of-service (DoS). That's according to the US Cybersecurity and Infrastructure Security Agency (CISA), which warned yesterday that an attacker could exploit the Mitsubishi Electric bug (CVE-2023-6943, CVSS score of 9.8) by calling a function with a path to a malicious library while connected to the device — resulting in authentication bypass, RCE, DoS, or data manipulation. The Rockwell

Rockwell Automation FactoryTalk ThinManager
CISA, 2024-10-31, us-cert.gov
1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment

CVE-2024-10386 | Rockwell Automation FactoryTalk ThinManager up to 14.0.0 Messages missing authentication
vuldb.com, 2024-10-26
A vulnerability has been found in Rockwell Automation FactoryTalk ThinManager up to 14.0.0 and classified as very critical. Affected by this vulnerability is an unknown functionality of the component Messages Handler. The manipulation leads to missing authentication. This vulnerability is known as CVE-2024-10386. The attack can be launched remotely

Social Media

No tweets found for this CVE

Affected Software

Configuration 1
Type: App
Vendor: Rockwellautomation
Product: thinmanager

References

Reference: [email protected]
Link: https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1708.html

CWE Details

CWE ID: CWE-306
CWE Name: Missing Authentication for Critical Function
Description: The software does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.
