Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-jgmp-9p3r-pcgr

Опубликовано: 05 фев. 2026
Источник: github
Github: Не прошло ревью
CVSS4: 8.5
CVSS3: 7.8

Описание

Studio 5000 Logix Designer 30.01.00 contains an unquoted service path vulnerability in the FactoryTalk Activation Service that allows local users to potentially execute code with elevated privileges. Attackers can exploit the unquoted path in C:\Program Files (x86)\Rockwell Software\FactoryTalk Activation\ to inject malicious code that would execute with LocalSystem permissions.

Studio 5000 Logix Designer 30.01.00 contains an unquoted service path vulnerability in the FactoryTalk Activation Service that allows local users to potentially execute code with elevated privileges. Attackers can exploit the unquoted path in C:\Program Files (x86)\Rockwell Software\FactoryTalk Activation\ to inject malicious code that would execute with LocalSystem permissions.

Ссылки

EPSS

Процентиль: 0%
0.00002
Низкий

8.5 High

CVSS4

7.8 High

CVSS3

CVE ID

CVE-2019-25276

Дефекты

CWE-428

Связанные уязвимости

nvd логотип

CVE-2019-25276

CVSS3: 7.8
nvd
3 дня назад

Studio 5000 Logix Designer 30.01.00 contains an unquoted service path vulnerability in the FactoryTalk Activation Service that allows local users to potentially execute code with elevated privileges. Attackers can exploit the unquoted path in C:\Program Files (x86)\Rockwell Software\FactoryTalk Activation\ to inject malicious code that would execute with LocalSystem permissions.

debian логотип

CVE-2019-25276

CVSS3: 7.8
debian
3 дня назад

Studio 5000 Logix Designer 30.01.00 contains an unquoted service path ...

EPSS

Процентиль: 0%
0.00002
Низкий

8.5 High

CVSS4

7.8 High

CVSS3

CVE ID

CVE-2019-25276

Дефекты

CWE-428