CVE-2024-45824

Summary

CVE-2024-45824 is a critical remote code execution vulnerability affecting certain products from Rockwell Automation, which can be exploited when combined with Path Traversal, Command Injection, and XSS vulnerabilities. The vulnerability allows unauthenticated attackers to execute arbitrary code remotely, posing significant risks to the integrity, confidentiality, and availability of affected systems. To remediate this issue, users are advised to apply the patches provided in the security advisory linked on Rockwell's Trust Center website. The CVSS score for this vulnerability is 9.8, indicating a high level of severity with low attack complexity and no required user interaction. Organizations should prioritize addressing this vulnerability due to its potential for high impact and ease of exploitation.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.