AI description
CVE-2025-24480 is a remote code execution vulnerability found in Rockwell Automation FactoryTalk View ME versions prior to 15.0. It stems from insufficient input sanitization, allowing remote attackers to execute commands or code with elevated privileges. This vulnerability is identified by CVE-2025-24480 and was disclosed on January 21, 2025. Exploitation is reportedly easy and requires no authentication. Technical details and exploits are not currently publicly available. Rockwell Automation recommends upgrading to FactoryTalk View ME version 15.0 or applying the relevant patches. Protecting network access to the affected device is also advised. no authentication. Technical details and exploits are not currently publicly available. Rockwell Automation recommends upgrading to FactoryTalk View ME version 15.0 or applying the relevant patches. Protecting network access to the affected device is also advised.
- Description
- A Remote Code Execution Vulnerability exists in the product and version listed above. The vulnerability is due to lack of input sanitation and could allow a remote attacker to run commands or code as a high privileged user.
- Source
- PSIRT@rockwellautomation.com
- NVD status
- Received
CVSS 4.0
- Type
- Secondary
- Base score
- 9.3
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Severity
- CRITICAL
- PSIRT@rockwellautomation.com
- CWE-78
- Hype score
- Not currently trending
#Vulnerability #CVE202524479 CVE-2025-24480 (CVSS 9.8): Rockwell Automation Addresses Critical Flaw in FactoryTalk View ME https://t.co/Bdk1DiibVN
@Komodosec
10 Feb 2025
11 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-24480 impacts Rockwell Automation https://t.co/n65OXnHH37
@WhalersLtd
3 Feb 2025
51 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-24480 (CVSS 9.8): Rockwell Automation Addresses Critical Flaw in FactoryTalk View ME https://t.co/mFaU4T4IfH
@JosephLykowski
2 Feb 2025
87 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Rockwell Automation FactoryTalk View Machine Edition (ME)に重大(Critical)な脆弱性。CVE-2025-24480はCVSSスコア9.8で、入力無害化の欠如に起因し、攻撃者が遠隔から高権限ユーザでコマンドを実行することが可能なもの。ローカル権限昇格CVE-2025-24479と併せて修正。 https://t.co/ryz0w6Cnvv
@__kokumoto
2 Feb 2025
527 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-24480 impacts Rockwell Automation #RockwellAutomation #CVE-2025-24480 https://t.co/haOQZMstsW
@pravin_karthik
2 Feb 2025
183 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-24480 (CVSS 9.8): Rockwell Automation Addresses Critical Flaw in FactoryTalk View ME https://t.co/IU5rNZRe1b
@Dinosn
1 Feb 2025
1916 Impressions
0 Retweets
3 Likes
3 Bookmarks
0 Replies
0 Quotes
🗣 CVE-2025-24480 (CVSS 9.8): Rockwell Automation Addresses Critical Flaw in FactoryTalk View ME https://t.co/LEk2sC9E5p
@fridaysecurity
1 Feb 2025
119 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-24480 (CVSS 9.8): Rockwell Automation Addresses Critical Flaw in FactoryTalk View ME CVE-2025-24479 and CVE-2025-24480 could potentially allow attackers to execute malicious code and compromise affected systems https://t.co/9pLxtk4OTS
@the_yellow_fall
1 Feb 2025
398 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
[CVE-2025-24480: CRITICAL] Beware of a Remote Code Execution Vulnerability due to input sanitation issues. Attackers could run commands as high privileged users. Stay cyber secure!#cybersecurity,#vulnerability https://t.co/UQzdX8TSRJ https://t.co/LVvSL0edDF
@CveFindCom
28 Jan 2025
35 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-24480 A Remote Code Execution Vulnerability exists in the product and version listed above. The vulnerability is due to lack of input sanitation and could allow a remote at… https://t.co/gavwH7zbJx
@CVEnew
28 Jan 2025
200 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes