CVE-2024-7847

EPSS 0.36%
Veröffentlicht 14.10.2024 14:15:12
Zuletzt bearbeitet 29.09.2025 17:27:33
Quelle PSIRT@rockwellautomation.com
CVE-Watchlists
Login
Unerledigt
Login

RSLogix™ 5 and RSLogix 500® Remote Code Execution Via VBA Embedded Script

VULNERABILITY DETAILS

Rockwell Automation used the latest versions of the CVSS scoring system to assess the following vulnerabilities. The following vulnerabilities were reported to us by Sharon Brizinov of Claroty Research - Team82. 

A feature in the affected products enables users to prepare a project file with an embedded VBA script and can be configured to run once the project file has been opened without user intervention.  This feature can be abused to trick a legitimate user into executing malicious code upon opening an infected RSP/RSS project file. If exploited, a threat actor may be able to perform a remote code execution. Connected devices may also be impacted by exploitation of this vulnerability.

Betroffene Produkte Warnungen 0 Metriken 4 CWE 1 Referenzen 4

NVD 4 VulnDex Vulnerability Enrichment 2

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Rockwellautomation ≫ Rslogix 5 Version-

Rockwellautomation ≫ Rslogix 500 Version-

Rockwellautomation ≫ Rslogix Micro Developer Version-

Rockwellautomation ≫ Rslogix Micro Starter Lite Version-

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.36%	0.578

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
PSIRT@rockwellautomation.com	8.8	0	0	CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
PSIRT@rockwellautomation.com	7.7	1	6	CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

CWE-345 Insufficient Verification of Data Authenticity

The product does not sufficiently verify the origin or authenticity of data, in a way that causes it to accept invalid data.

https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1701.html

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2024-7847

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-7847

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-7847

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2024-7847