Rewterz Threat Alert – Charming Kitten APT Utilizes BASICSTAR Backdoor to Target Middle Eastern Policy Experts – Active IOCs
February 19, 2024Rewterz Threat Advisory – Multiple Dell RecoverPoint for Virtual Machines Vulnerabilities
February 20, 2024Rewterz Threat Alert – Charming Kitten APT Utilizes BASICSTAR Backdoor to Target Middle Eastern Policy Experts – Active IOCs
February 19, 2024Rewterz Threat Advisory – Multiple Dell RecoverPoint for Virtual Machines Vulnerabilities
February 20, 2024Severity
High
Analysis Summary
CVE-2024-21915
Rockwell Automation FactoryTalk Service Platform could allow a remote authenticated attacker to gain elevated privileges on the system, caused by incorrect execution-assigned permissions. By sending a specially crafted request, an attacker could exploit this vulnerability to potentially read and modify sensitive data, delete data and render the FTSP system unavailable.
Impact
- Privilege Escalation
Indicators Of Compromise
CVE
- CVE-2024-21915
Affected Vendors
Rockwell
Affected Products
- Rockwell Automation FactoryTalk Service Platform 2.73
Remediation
Refer to Rockwell Automation Security Document for patch, upgrade, or suggested workaround information.