Multiple Fortinet Products Vulnerabilities
November 14, 2024Russian Threat Actors Use New NTLM Flaw to Send Phishing Emails Spreading Spark RAT – Active IOCs
November 14, 2024Multiple Fortinet Products Vulnerabilities
November 14, 2024Russian Threat Actors Use New NTLM Flaw to Send Phishing Emails Spreading Spark RAT – Active IOCs
November 14, 2024Severity
High
Analysis Summary
CVE-2024-37365
Rockwell Automation FactoryTalk View ME could allow a remote authenticated attacker to execute arbitrary code on the system, caused by allowing modification or deletion of files. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.
Impact
- Code Execution
Indicators of Compromise
CVE
- CVE-2024-37365
Affected Vendors
Affected Products
- Rockwell Automation FactoryTalk View Machine Edition 14
Remediation
Upgrade to the latest version of FactoryTalk View ME, available from the Rockwell Automation Website.