CVE-2024-6619

Summary

In Ocean Data Systems Dream Report, an incorrect permission vulnerability could allow a local unprivileged attacker to escalate their privileges and could cause a denial-of-service.

Affected Software

VendorProductVersion RangeStatus
Ocean Data SystemsDream Report 20230 <= 23.0.17795.1010affected
AVEVAReports for Operations 202323.0.17795.1010affected

Weaknesses

  • CWE-732: CWE-732 Incorrect Permission Assignment for Critical Resource

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References