June 18, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Multiple IBM Products Vulnerabilities
July 16, 2024Samba File Shares Abused by DarkGate Malware in Transient Campaign – Active IOCs
July 16, 2024Multiple IBM Products Vulnerabilities
July 16, 2024Samba File Shares Abused by DarkGate Malware in Transient Campaign – Active IOCs
July 16, 2024
Severity
Medium
Analysis Summary
CVE-2024-6325 CVSS:6.5
Rockwell Automation FactoryTalk System Services and Policy Manager could allow a local authenticated attacker to obtain sensitive information, caused by a flaw with private keys are insecurely stored with read and execute privileges for the Windows group. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain private keys information, and use this information to launch further attacks against the affected system.
CVE-2024-6326 CVSS:5.9
Rockwell Automation FactoryTalk System Services and Policy Manager could allow a local authenticated attacker to obtain sensitive information, caused by the leak of private keys when start a back-up or restore process. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain private keys information, and use this information to launch further attacks against the affected system.
Impact
- Information Disclosure
Indicators of Compromise
CVE
- CVE-2024-6325
- CVE-2024-6326
Affected Vendors
Rockwell Automation
Affected Products
- Rockwell Automation FactoryTalk System Services 6.40
Remediation
Refer to Rockwell Automation Website for patch, upgrade or suggested workaround information.