Overview
- Description
- A remote code execution vulnerability exists in Rockwell Automation Studio 5000 Logix Emulate software. Users are granted elevated permissions on certain product services when the software is installed. Due to this misconfiguration, a malicious user could potentially achieve remote code execution on the targeted software.
- Source
- PSIRT@rockwellautomation.com
- NVD status
- Modified
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 7.8
- Impact score
- 5.9
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rockwellautomation:studio_5000_logix_emulate:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FB9EB8A2-A2F2-45A4-923E-2E40BDF16F76",
"versionEndExcluding": "34.00",
"versionStartIncluding": "20.011"
}
],
"operator": "OR"
}
]
}
]