Today > vulnerabilities   -   You can now download lists of IOCs here!

CVE-2024-6079

Aug. 13, 2024, 6:15 p.m.

Tags

CWE-610
PSIRT@rockwellautomation.com
2024-08-13
CVE-2024-6079

Product(s) Impacted

Rockwell Automation Emulate3D

Description

A vulnerability exists in the Rockwell Automation Emulate3D™, which could be leveraged to execute a DLL Hijacking attack. The application loads shared libraries, which are readable and writable by any user. If exploited, a malicious user could leverage a malicious dll and perform a remote code execution attack.

Weaknesses

CWE-610
Externally Controlled Reference to a Resource in Another Sphere

The product uses an externally controlled name or reference that resolves to a resource that is outside of the intended control sphere.

CWE ID: 610

Date

Published: Aug. 13, 2024, 6:15 p.m.

Last Modified: Aug. 13, 2024, 6:15 p.m.

Status : Received

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

PSIRT@rockwellautomation.com

References

https://www.rockwellautomation.com/ PSIRT@rockwellautomation.com