CVE-2025-24482

Published Jan 28, 2025

Last updated 25 days ago

CVSS high 7.0

Overview

Description
A Local Code Injection Vulnerability exists in the product and version listed above. The vulnerability is due to incorrect default permissions and allows for DLLs to be executed with higher level permissions.
Source
PSIRT@rockwellautomation.com
NVD status
Received

Risk scores

CVSS 4.0

Type
Secondary
Base score
7
Impact score
-
Exploitability score
-
Vector string
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Severity
HIGH

Weaknesses

PSIRT@rockwellautomation.com
CWE-94

Social media

Hype score
Not currently trending

  1. CVE-2025-24482 A Local Code Injection Vulnerability exists in the product and version listed above. The vulnerability is due to incorrect default permissions and allows for DLLs to … https://t.co/ZZSctj3XK3

    @CVEnew

    28 Jan 2025

    55 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References