Vulnerability Details CVE-2024-21915
A privilege escalation vulnerability exists in Rockwell Automation FactoryTalk® Service Platform (FTSP). If exploited, a malicious user with basic user group privileges could potentially sign into the software and receive FTSP Administrator Group privileges. A threat actor could potentially read and modify sensitive data, delete data and render the FTSP system unavailable.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 30.6%
CVSS Severity
CVSS v3 Score 9.0
References
Products affected by CVE-2024-21915
-
cpe:2.3:a:rockwellautomation:factorytalk_services_platform:-
-
cpe:2.3:a:rockwellautomation:factorytalk_services_platform:2.51.00.8
-
cpe:2.3:a:rockwellautomation:factorytalk_services_platform:2.61
-
cpe:2.3:a:rockwellautomation:factorytalk_services_platform:2.71
-
cpe:2.3:a:rockwellautomation:factorytalk_services_platform:2.73