CVE-2024-8533

Summary

A privilege escalation vulnerability exists in the Rockwell Automation affected products. The vulnerability occurs due to improper default file permissions allowing users to exfiltrate credentials and escalate privileges.

Affected Software

VendorProductVersion RangeStatus
Rockwell Automation2800C OptixPanel™ Compact4.0.0.325affected
Rockwell Automation2800S OptixPanel™ Standard4.0.0.350affected
Rockwell AutomationEmbedded Edge Compute Module4.0.0.347affected

Weaknesses

  • CWE-269: CWE-269 Improper Privilege Management

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References