CVERadar

CVE-2024-45824

Medium Severity

Rockwellautomation

SVRS

30/100

CVSSv3

9.8/10

EPSS

0.00439/1

CVE-2024-45824 is a critical remote code execution vulnerability. This vulnerability allows unauthenticated attackers to execute arbitrary code on affected systems when chained with Path Traversal, Command Injection, and XSS vulnerabilities. Despite a CVSS score of 9.8 indicating high severity, the SOCRadar Vulnerability Risk Score (SVRS) is 30, suggesting a lower immediate risk compared to vulnerabilities with SVRS scores above 80. However, the potential for exploitation via chaining remains a significant concern. Successful exploitation could lead to complete system compromise, data breaches, and further malicious activities. Organizations should apply the provided patches to mitigate this critical vulnerability and prevent potential attacks. The presence of the "In The Wild" tag highlights that the vulnerability has been observed being exploited.

TAGS

In The Wild

VECTOR STRING

CVSS:3.1

AV:N

AC:L

PR:N

UI:N

S:U

C:H

I:H

A:H

PUBLICATION DATE2024-09-12

LAST MODIFIED2025-01-31

SOCRadar

AI Insight

Description

CVE-2024-45824 is a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary code on affected systems. The vulnerability exists due to a combination of Path Traversal, Command Injection, and XSS vulnerabilities. The SVRS for this CVE is 30, indicating a moderate level of risk.

Key Insights

The vulnerability can be exploited remotely, making it easy for attackers to target systems without physical access.
The vulnerability allows attackers to execute arbitrary code, giving them complete control over the affected system.
The vulnerability is actively exploited in the wild, meaning that attackers are already using it to target systems.

Mitigation Strategies

Apply the patches provided by the vendor.
Implement a web application firewall (WAF) to block malicious requests.
Use input validation to prevent attackers from submitting malicious input.
Regularly scan systems for vulnerabilities and patch any that are found.

Additional Information

CISA has issued a warning about this vulnerability, calling for immediate and necessary measures.
Threat actors are actively exploiting this vulnerability.
If users have additional queries regarding this incident, they can use the 'Ask to Analyst' feature, contact SOCRadar directly, or open a support ticket for more information if necessary.

Indicators of Compromise

No IOCs found for this CVE

Exploits

No exploits found for this CVE

Enhance Your CVE Management with SOCRadar Vulnerability Intelligence

Get comprehensive CVE details, real-time notifications, and proactive threat management all in one platform.

CREATE FREE ACCOUNT

CVE Details

Access comprehensive CVE information instantly

Real-time Tracking

Subscribe to CVEs and get instant updates

Exploit Analysis

Monitor related APT groups and threats

IOC Tracking

Analyze and track CVE-related IOCs

News

CVE-2024-45824 | Rockwell Automation FactoryTalk View Site Edition up to 14.0 command injection

vuldb.com2025-02-01

CVE-2024-45824 | Rockwell Automation FactoryTalk View Site Edition up to 14.0 command injection | A vulnerability, which was classified as critical, was found in Rockwell Automation FactoryTalk View Site Edition up to 14.0. This affects an unknown part. The manipulation leads to command injection. This vulnerability is uniquely identified as CVE-2024-45824. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to

vuldb.com

rss

forum

news

Rockwell Automation FactoryTalk View Site

CISA2024-09-12

Rockwell Automation FactoryTalk View Site | View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.2 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation

cve-2024-45824

domains

urls

cves

Social Media

CRAC Learning - Tech

@cracbot

2024-09-17

CVE-2024-45824 (CVSS:9.8, CRITICAL) is Awaiting Analysis. CVE-2024-45824 IMPACT A remote code vulnerability exists in the affected products. The vulnerability occurs when chai..https://t.co/xCpbWhZqLh #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre

WindowsForum

@windowsforum

2024-09-12

CVE-2024-45824: Critical Vulnerability in FactoryTalk View Software https://t.co/f2w8iEHzel

CVEFind.com

@CveFindCom

2024-09-12

[CVE-2024-45824: CRITICAL] Critical CVE-2024-45824 vulnerability impact highlighted: remote code execution achievable due to chained Path Traversal, Command Injection, and XSS flaws. Patch available for fix.#cybersecurity,#vulnerability https://t.co/iURyeuc3al https://t.co/4qS1UxoK4C

CVE

@CVEnew

2024-09-12

CVE-2024-45824 CVE-2024-45824 IMPACT A remote code vulnerability exists in the affected products. The vulnerability occurs when chained with Path Traversal, Command Injection, an… https://t.co/xMo9d06gX0

Affected Software

Configuration 1

Type	Vendor	Product
App	Rockwellautomation	factorytalk_view

References

Reference	Link
[email protected]	https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1696.html

CWE Details

CWE ID	CWE Name	Description
CWE-77	Improper Neutralization of Special Elements used in a Command ('Command Injection')	The software constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.

CVE Radar

Real-time CVE Intelligence & Vulnerability Management Platform

CVE Radar provides comprehensive vulnerability intelligence by monitoring CVE databases, security advisories, and threat feeds. Get instant updates on new vulnerabilities, exploit details, and mitigation strategies specific to your assets.

Get Free Vulnerability Intelligence AccessAccess real-time CVE monitoring, exploit analysis, and threat intelligence