CVE-2024-9412
Published: 08 October 2024
Summary
CVE-2024-9412 is a high-severity Placement of User into Incorrect Group (CWE-842) vulnerability in Rockwell Automation products (vendor inferred from references). Its CVSS base score is 8.4 (High).
Operationally, it ranks at the 33.8th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-49924
Vulnerability details
An improper authorization vulnerability exists in the Rockwell Automation affected products that could allow an unauthorized user to sign in. While removal of all role mappings is unlikely, it could occur in the case of unexpected or accidental removal by the administrator. If exploited, an unauthorized user could access data they previously had, but should no longer have, access to.
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.