ID

VAR-202401-1419


CVE

CVE-2024-21917


TITLE

Rockwell Automation  of  FactoryTalk Services Platform  Digital Signature Verification Vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2024-002283

DESCRIPTION

A vulnerability exists in Rockwell Automation FactoryTalk® Service Platform that allows a malicious user to obtain the service token and use it for authentication on another FTSP directory. This is due to the lack of digital signing between the FTSP service token and directory.  If exploited, a malicious user could potentially retrieve user information and modify settings without any authentication

Trust: 1.71

sources: NVD: CVE-2024-21917 // JVNDB: JVNDB-2024-002283 // VULMON: CVE-2024-21917

AFFECTED PRODUCTS

vendor:rockwellautomationmodel:factorytalk services platformscope:lteversion:6.31.00

Trust: 1.0

vendor:rockwell automationmodel:factorytalk services platformscope:eqversion: -

Trust: 0.8

vendor:rockwell automationmodel:factorytalk services platformscope:lteversion:6.31.00 and earlier

Trust: 0.8

vendor:rockwell automationmodel:factorytalk services platformscope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2024-002283 // NVD: CVE-2024-21917

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2024-21917
value: CRITICAL

Trust: 1.0

PSIRT@rockwellautomation.com: CVE-2024-21917
value: CRITICAL

Trust: 1.0

NVD: CVE-2024-21917
value: CRITICAL

Trust: 0.8

nvd@nist.gov: CVE-2024-21917
baseSeverity: CRITICAL
baseScore: 9.1
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 5.2
version: 3.1

Trust: 1.0

PSIRT@rockwellautomation.com: CVE-2024-21917
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2024-21917
baseSeverity: CRITICAL
baseScore: 9.1
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: JVNDB: JVNDB-2024-002283 // NVD: CVE-2024-21917 // NVD: CVE-2024-21917

PROBLEMTYPE DATA

problemtype:CWE-347

Trust: 1.0

problemtype:Improper verification of digital signatures (CWE-347) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2024-002283 // NVD: CVE-2024-21917

EXTERNAL IDS

db:NVDid:CVE-2024-21917

Trust: 2.7

db:ICS CERTid:ICSA-24-030-06

Trust: 0.9

db:JVNid:JVNVU99327679

Trust: 0.8

db:JVNDBid:JVNDB-2024-002283

Trust: 0.8

db:VULMONid:CVE-2024-21917

Trust: 0.1

sources: VULMON: CVE-2024-21917 // JVNDB: JVNDB-2024-002283 // NVD: CVE-2024-21917

REFERENCES

url:https://www.rockwellautomation.com/en-us/support/advisory.sd1660.html

Trust: 1.9

url:https://www.cisa.gov/news-events/ics-advisories/icsa-24-030-06

Trust: 0.9

url:https://jvn.jp/vu/jvnvu99327679/

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2024-21917

Trust: 0.8

url:https://nvd.nist.gov

Trust: 0.1

sources: VULMON: CVE-2024-21917 // JVNDB: JVNDB-2024-002283 // NVD: CVE-2024-21917

SOURCES

db:VULMONid:CVE-2024-21917
db:JVNDBid:JVNDB-2024-002283
db:NVDid:CVE-2024-21917

LAST UPDATE DATE

2024-08-14T14:54:18.363000+00:00


SOURCES UPDATE DATE

db:VULMONid:CVE-2024-21917date:2024-01-31T00:00:00
db:JVNDBid:JVNDB-2024-002283date:2024-02-13T02:23:00
db:NVDid:CVE-2024-21917date:2024-02-08T01:29:32.367

SOURCES RELEASE DATE

db:VULMONid:CVE-2024-21917date:2024-01-31T00:00:00
db:JVNDBid:JVNDB-2024-002283date:2024-02-13T00:00:00
db:NVDid:CVE-2024-21917date:2024-01-31T19:15:08.633