Sign-up

ID

VAR-201805-0119


CVE

CVE-2017-6015


TITLE

Rockwell Automation FactoryTalk Activation Local Privilege Escalation Vulnerability

Trust: 0.8

sources: IVD: 5f92208a-6f8a-474a-bd93-87af91db32ec // CNVD: CNVD-2017-05069

DESCRIPTION

Without quotation marks, any whitespace in the file path for Rockwell Automation FactoryTalk Activation version 4.00.02 remains ambiguous, which may allow an attacker to link to or run a malicious executable. This may allow an authorized, but not privileged local user to execute arbitrary code with elevated privileges on the system. CVSS v3 base score: 8.8, CVSS vector string: (AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H). Rockwell Automation has released a new version of FactoryTalk Activation, Version 4.01, which addresses the identified vulnerability. Rockwell Automation recommends upgrading to the latest version of FactoryTalk Activation, Version 4.01 or later. Rockwell Automation FactoryTalk Activation Contains vulnerabilities related to authorization, permissions, and access control.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Rockwell Automation is a solution provider for industrial automation, control and information technology. A local privilege elevation vulnerability exists in RockwellAutomationFactoryTalkActivation. FactoryTalk Activation Service 4.00.02 and prior are vulnerable. FactoryTalk Activation is one component used to manage application licenses

Trust: 2.7

sources: NVD: CVE-2017-6015 // JVNDB: JVNDB-2017-013404 // CNVD: CNVD-2017-05069 // BID: 96996 // IVD: 5f92208a-6f8a-474a-bd93-87af91db32ec // VULHUB: VHN-114218

IOT TAXONOMY

category:['ICS', 'Network device']sub_category: -

Trust: 0.6

category:['ICS']sub_category: -

Trust: 0.2

sources: IVD: 5f92208a-6f8a-474a-bd93-87af91db32ec // CNVD: CNVD-2017-05069

AFFECTED PRODUCTS

vendor:rockwellautomationmodel:factorytalk activationscope:lteversion:4.00.02

Trust: 1.0

vendor:rockwellmodel:automation factorytalk activation servicescope:eqversion:4.00.02

Trust: 0.9

vendor:rockwell automationmodel:factorytalkscope:eqversion:4.00.02

Trust: 0.8

vendor:rockwellmodel:automation factorytalk activation servicescope:ltversion:4.00.02

Trust: 0.6

vendor:rockwellautomationmodel:factorytalk activationscope:eqversion:4.00.02

Trust: 0.6

vendor:rockwellmodel:automation studio view designerscope:eqversion:50000

Trust: 0.3

vendor:rockwellmodel:automation studio logix emulatescope:eqversion:50000

Trust: 0.3

vendor:rockwellmodel:automation studio logix designerscope:eqversion:50000

Trust: 0.3

vendor:rockwellmodel:automation studio architectscope:eqversion:50000

Trust: 0.3

vendor:rockwellmodel:automation softlogixscope:eqversion:58000

Trust: 0.3

vendor:rockwellmodel:automation rsview32scope:eqversion:0

Trust: 0.3

vendor:rockwellmodel:automation rsnetworxscope:eqversion:0

Trust: 0.3

vendor:rockwellmodel:automation rslogix emulatescope:eqversion:50000

Trust: 0.3

vendor:rockwellmodel:automation rslogixscope:eqversion:50000

Trust: 0.3

vendor:rockwellmodel:automation rslogixscope:eqversion:5000

Trust: 0.3

vendor:rockwellmodel:automation rslogixscope:eqversion:50

Trust: 0.3

vendor:rockwellmodel:automation rslinx classicscope:eqversion:0

Trust: 0.3

vendor:rockwellmodel:automation rsfieldbusscope:eqversion:0

Trust: 0.3

vendor:rockwellmodel:automation rockarenascope:eqversion:0

Trust: 0.3

vendor:rockwellmodel:automation factorytalk viewpointscope:eqversion:0

Trust: 0.3

vendor:rockwellmodel:automation factorytalk view site editionscope:eqversion:0

Trust: 0.3

vendor:rockwellmodel:automation factorytalk view machine editionscope:eqversion:0

Trust: 0.3

vendor:rockwellmodel:automation factorytalk vantagepointscope:eqversion:0

Trust: 0.3

vendor:rockwellmodel:automation factorytalk metricsscope:eqversion:0

Trust: 0.3

vendor:rockwellmodel:automation factorytalk information serverscope:eqversion:0

Trust: 0.3

vendor:rockwellmodel:automation factorytalk historian site editionscope:eqversion:0

Trust: 0.3

vendor:rockwellmodel:automation factorytalk historian classicscope:eqversion:0

Trust: 0.3

vendor:rockwellmodel:automation factorytalk gatewayscope:eqversion:0

Trust: 0.3

vendor:rockwellmodel:automation factorytalk eprocedurescope:eqversion:0

Trust: 0.3

vendor:rockwellmodel:automation factorytalk energymetrixscope:eqversion:0

Trust: 0.3

vendor:rockwellmodel:automation factorytalk batchscope:eqversion:0

Trust: 0.3

vendor:rockwellmodel:automation factorytalk assetcentrescope:eqversion:0

Trust: 0.3

vendor:rockwellmodel:automation emonitorscope:eqversion:0

Trust: 0.3

vendor:rockwellmodel:automation factorytalk activation servicescope:neversion:4.01

Trust: 0.3

vendor:factorytalk activationmodel: - scope:eqversion:*

Trust: 0.2

sources: IVD: 5f92208a-6f8a-474a-bd93-87af91db32ec // CNVD: CNVD-2017-05069 // BID: 96996 // JVNDB: JVNDB-2017-013404 // CNNVD: CNNVD-201702-597 // NVD: CVE-2017-6015

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2017-6015
value: HIGH

Trust: 1.0

NVD: CVE-2017-6015
value: HIGH

Trust: 0.8

CNVD: CNVD-2017-05069
value: LOW

Trust: 0.6

CNNVD: CNNVD-201702-597
value: HIGH

Trust: 0.6

IVD: 5f92208a-6f8a-474a-bd93-87af91db32ec
value: HIGH

Trust: 0.2

VULHUB: VHN-114218
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2017-6015
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2017-05069
severity: LOW
baseScore: 3.3
vectorString: AV:L/AC:M/AU:N/C:P/I:P/A:N
accessVector: LOCAL
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 3.4
impactScore: 4.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: 5f92208a-6f8a-474a-bd93-87af91db32ec
severity: LOW
baseScore: 3.3
vectorString: AV:L/AC:M/AU:N/C:P/I:P/A:N
accessVector: LOCAL
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 3.4
impactScore: 4.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

VULHUB: VHN-114218
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2017-6015
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.0

Trust: 1.8

sources: IVD: 5f92208a-6f8a-474a-bd93-87af91db32ec // CNVD: CNVD-2017-05069 // VULHUB: VHN-114218 // JVNDB: JVNDB-2017-013404 // CNNVD: CNNVD-201702-597 // NVD: CVE-2017-6015

PROBLEMTYPE DATA

problemtype:CWE-74

Trust: 1.1

problemtype:CWE-428

Trust: 1.0

problemtype:CWE-264

Trust: 0.9

sources: VULHUB: VHN-114218 // JVNDB: JVNDB-2017-013404 // NVD: CVE-2017-6015

THREAT TYPE

local

Trust: 0.9

sources: BID: 96996 // CNNVD: CNNVD-201702-597

TYPE

injection

Trust: 0.8

sources: IVD: 5f92208a-6f8a-474a-bd93-87af91db32ec // CNNVD: CNNVD-201702-597

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2017-013404

PATCH
title:Top Pageurl:https://www.rockwellautomation.com/
Trust: 0.8
title:RockwellAutomationFactoryTalkActivation Local Privilege Escalation Vulnerability Patchurl:https://www.cnvd.org.cn/patchInfo/show/92373
Trust: 0.6
title:Rockwell Automation FactoryTalk Activation Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=99649
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2017-05069 // 
            
            
            
            JVNDB: JVNDB-2017-013404 // 
            
            
            
            CNNVD: CNNVD-201702-597

EXTERNAL IDS
db:NVDid:CVE-2017-6015
Trust: 3.6
db:ICS CERTid:ICSA-17-047-02
Trust: 2.8
db:BIDid:96996
Trust: 2.6
db:CNNVDid:CNNVD-201702-597
Trust: 0.9
db:CNVDid:CNVD-2017-05069
Trust: 0.8
db:JVNDBid:JVNDB-2017-013404
Trust: 0.8
db:IVDid:5F92208A-6F8A-474A-BD93-87AF91DB32EC
Trust: 0.2
db:VULHUBid:VHN-114218
Trust: 0.1
sources:
            
            
            IVD: 5f92208a-6f8a-474a-bd93-87af91db32ec // 
            
            
            
            CNVD: CNVD-2017-05069 // 
            
            
            
            VULHUB: VHN-114218 // 
            
            
            
            BID: 96996 // 
            
            
            
            JVNDB: JVNDB-2017-013404 // 
            
            
            
            CNNVD: CNNVD-201702-597 // 
            
            
            
            NVD: CVE-2017-6015

REFERENCES
url:https://ics-cert.us-cert.gov/advisories/icsa-17-047-02
Trust: 2.5
url:http://www.securityfocus.com/bid/96996
Trust: 2.3
url:https://rockwellautomation.custhelp.com/app/answers/detail/a_id/939382
Trust: 1.7
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-6015
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2017-6015
Trust: 0.8
url:http://www.rockwellautomation.com/
Trust: 0.3
url:https://ics-cert.us-cert.gov/advisories/icsa-17-047-02 
Trust: 0.3
sources:
            
            
            CNVD: CNVD-2017-05069 // 
            
            
            
            VULHUB: VHN-114218 // 
            
            
            
            BID: 96996 // 
            
            
            
            JVNDB: JVNDB-2017-013404 // 
            
            
            
            CNNVD: CNNVD-201702-597 // 
            
            
            
            NVD: CVE-2017-6015

CREDITS
The vendor reported this issue.
Trust: 0.3
sources:
            
            
            BID: 96996

SOURCES
db:IVDid:5f92208a-6f8a-474a-bd93-87af91db32ec
db:CNVDid:CNVD-2017-05069
db:VULHUBid:VHN-114218
db:BIDid:96996
db:JVNDBid:JVNDB-2017-013404
db:CNNVDid:CNNVD-201702-597
db:NVDid:CVE-2017-6015

LAST UPDATE DATE
2024-11-23T23:05:07.707000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2017-05069date:2017-04-22T00:00:00
db:VULHUBid:VHN-114218date:2019-10-09T00:00:00
db:BIDid:96996date:2017-03-23T00:01:00
db:JVNDBid:JVNDB-2017-013404date:2018-07-04T00:00:00
db:CNNVDid:CNNVD-201702-597date:2019-10-17T00:00:00
db:NVDid:CVE-2017-6015date:2024-11-21T03:28:54.360

SOURCES RELEASE DATE
db:IVDid:5f92208a-6f8a-474a-bd93-87af91db32ecdate:2017-04-22T00:00:00
db:CNVDid:CNVD-2017-05069date:2017-04-24T00:00:00
db:VULHUBid:VHN-114218date:2018-05-11T00:00:00
db:BIDid:96996date:2017-03-21T00:00:00
db:JVNDBid:JVNDB-2017-013404date:2018-07-04T00:00:00
db:CNNVDid:CNNVD-201702-597date:2017-02-17T00:00:00
db:NVDid:CVE-2017-6015date:2018-05-11T13:29:00.297