PT-2026-5809 · Rockwell Automation · Studio 5000 Logix Designer+1
Luis Martinez
·
Publicado
2026-02-04
·
Atualizado
2026-02-05
·
CVE-2019-25276
CVSS v3.1
7.8
Alta
| Vetor | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Studio 5000 Logix Designer version 30.01.00
Description
Studio 5000 Logix Designer 30.01.00 has an unquoted service path issue within the FactoryTalk Activation Service. This allows local users to potentially run code with higher privileges. The unquoted path, located at
C:Program Files (x86)Rockwell SoftwareFactoryTalk Activation, can be exploited to inject malicious code that executes with LocalSystem permissions.Recommendations
Ensure the service path for FactoryTalk Activation Service is properly quoted to prevent malicious code execution.
Exploit
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Factorytalk Activation Service
Studio 5000 Logix Designer