Products
Rockwell Automation Emulate3D
Source
PSIRT@rockwellautomation.com
Tags
CVE-2024-6079 details
Published : Aug. 13, 2024, 6:15 p.m.
Last Modified : Aug. 13, 2024, 6:15 p.m.
Last Modified : Aug. 13, 2024, 6:15 p.m.
Description
A vulnerability exists in the Rockwell Automation Emulate3D™, which could be leveraged to execute a DLL Hijacking attack. The application loads shared libraries, which are readable and writable by any user. If exploited, a malicious user could leverage a malicious dll and perform a remote code execution attack.
CVSS Score
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 |
---|
Weakness
Weakness | Name | Description |
---|---|---|
CWE-610 | Externally Controlled Reference to a Resource in Another Sphere | The product uses an externally controlled name or reference that resolves to a resource that is outside of the intended control sphere. |
References
URL | Source |
---|---|
https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD%201683.html | PSIRT@rockwellautomation.com |
This website uses the NVD API, but is not approved or certified by it.