Vulnerability Description
A privilege escalation vulnerability exists in the Rockwell Automation affected products. The vulnerability occurs due to improper default file permissions allowing users to exfiltrate credentials and escalate privileges.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Rockwellautomation | 2800C Optixpanel Compact Firmware | >= 4.0.0.325, < 4.0.2.116 |
| Rockwellautomation | 2800C Optixpanel Compact | - |
| Rockwellautomation | 2800S Optixpanel Standard Firmware | >= 4.0.0.350, < 4.0.2.123 |
| Rockwellautomation | 2800S Optixpanel Standard | - |
| Rockwellautomation | Embedded Edge Compute Module Firmware | >= 4.0.0.347, < 4.0.2.106 |
| Rockwellautomation | Embedded Edge Compute Module | - |
Related Weaknesses (CWE)
References
FAQ
What is CVE-2024-8533?
CVE-2024-8533 is a vulnerability with a CVSS score of 8.8 (HIGH). A privilege escalation vulnerability exists in the Rockwell Automation affected products. The vulnerability occurs due to improper default file permissions allowing users to exfiltrate credentials and...
How severe is CVE-2024-8533?
CVE-2024-8533 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2024-8533?
Check the references section above for vendor advisories and patch information. Affected products include: Rockwellautomation 2800C Optixpanel Compact Firmware, Rockwellautomation 2800C Optixpanel Compact, Rockwellautomation 2800S Optixpanel Standard Firmware, Rockwellautomation 2800S Optixpanel Standard, Rockwellautomation Embedded Edge Compute Module Firmware.