CVE-2024-45826

CVSS 3.1 Score 6.8 of 10 (medium)

Details

Published Sep 12, 2024
CWE ID 610

Summary

CVE-2024-45826 is a vulnerability found in several products, including ThinManager® versions yjl_LD, yjnZf4, yjl_LC, yjl_LB, and sJtOvI, which arises from improper input validation leading to path traversal and remote code execution. If exploited, attackers can execute arbitrary files on the affected systems requiring high privileges and user interaction. The vulnerability has a medium base severity score of 6.8 with an exploitability score of 0.9, indicating a low attack complexity and high potential impacts on integrity, confidentiality, and availability. Organizations are advised to apply patches or updates provided by Rockwell Automation to mitigate the risk associated with this vulnerability. Failure to address this issue could lead to significant security breaches within affected systems.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share