CVE-2017-6015 Information

Description

Without quotation marks any whitespace in the file path for Rockwell Automation FactoryTalk Activation version 4.00.02 remains ambiguous which may allow an attacker to link to or run a malicious executable. This may allow an authorized but not privileged local user to execute arbitrary code with elevated privileges on the system. CVSS v3 base score: 8.8 CVSS vector string: (AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H). Rockwell Automation has released a new version of FactoryTalk Activation Version 4.01 which addresses the identified vulnerability. Rockwell Automation recommends upgrading to the latest version of FactoryTalk Activation Version 4.01 or later.

CVSS Vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Reference

http://www.securityfocus.com/bid/96996 https://ics-cert.us-cert.gov/advisories/ICSA-17-047-02 https://rockwellautomation.custhelp.com/app/answers/detail/a_id/939382

Attack Complexity

LOW

Privileges Required

LOW

User Interaction Required

LOW

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

HIGH

Availability Impact

HIGH

Base Score

HIGH

Base Severity

7.8