An unquoted executable path exists in the Rockwell Automation FactoryTalk® Remote Access™ possibly resulting in remote code execution if exploited. While running the FTRA installer package, the executable path is not properly quoted, which could allow a threat actor to enter a malicious executable and run it as a System user. A threat actor needs admin privileges to exploit this vulnerability.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: Rockwell
Published: 2024-05-16T15:25:28.558Z
Updated: 2024-08-01T20:20:00.578Z
Reserved: 2024-04-10T20:45:50.623Z
Link: CVE-2024-3640
Vulnrichment
Updated: 2024-08-01T20:20:00.578Z
NVD
Status : Awaiting Analysis
Published: 2024-05-16T16:15:10.477
Modified: 2024-11-21T09:30:03.560
Link: CVE-2024-3640
Redhat
No data.